Domain Registration Terms Every Owner Should Know

## Domain Registration Terms Every Owner Should Know The domain industry has its own vocabulary. When you register a domain, interact with a Domain Registrar, or troubleshoot a problem, you will encounter terms that have precise technical or legal meanings. Knowing what they mean helps you make better decisions, avoid mistakes, and communicate effectively with support teams. This guide defines the most important terms in plain English. ## The Three-Party System: Registry, Registrar, Registrant Almost everything in domain registration flows through a three-party relationship: ### Registry The **registry** is the organization that manages a TLD (Top-Level Domain) (Top-Level Domain). Registries maintain the authoritative database of all domain registrations under their TLD. Examples: - **Verisign** is the registry for `.com` and `.net` - **Public Interest Registry (PIR)** manages `.org` - **Nominet** manages `.uk` - **DENIC** manages `.de` Registries set the wholesale price (registry fee) that registrars pay, establish the technical and policy rules for their TLD, and maintain the zone file that makes DNS (Domain Name System) work for their extension. Individual customers do not interact with registries directly. ### Registrar A Domain Registrar is a company accredited by ICANN to sell domain name registrations on behalf of registries. Registrars are your interface for everything domain-related. Examples: GoDaddy, Namecheap, Cloudflare Registrar, Porkbun, Google Domains (Squarespace Domains). Registrars pay the registry wholesale price and charge customers a retail price. Competition among registrars keeps retail prices reasonable — the markup over registry cost is typically small. Registrars must follow ICANN policies and their registry agreements, which is why certain protections (like grace periods) are consistent industry-wide. ### Registrant The Registrant is you — the person or organization that registers the domain. You are not the "owner" in a property-law sense; you hold a license to use the domain name for the registration period. Your rights and responsibilities as a Registrant are defined by ICANN's policies and your registrar's terms of service. ### How They Interact When you register a domain: 1. You pay the Domain Registrar (retail price) 2. The Domain Registrar pays the registry (wholesale price) 3. The registry adds your domain to its database 4. Your domain becomes live in the global DNS (Domain Name System) ## ICANN **ICANN** (Internet Corporation for Assigned Names and Numbers) is the non-profit organization that coordinates the internet's naming system globally. ICANN: - Accredits registrars - Approves new TLDs - Sets policy through multi-stakeholder processes - Maintains the root zone (the master list of all TLDs) - Oversees the WHOIS system and Registrant rights ICANN does not sell domains directly. It is a policy and coordination body, not a commercial entity. ## WHOIS **WHOIS** is the publicly searchable database that stores contact and ownership information for domain registrations. When you register a domain, your name, email, phone number, and mailing address are entered into the WHOIS database. Anyone can look up WHOIS records to find: - Who registered a domain - When it was registered and when it expires - Which Domain Registrar it is registered with - The name servers currently assigned The WHOIS system is important for accountability (who owns this site?), security research, and legal purposes. However, it is also a source of spam and phishing targeting registrants. Modern WHOIS is being replaced in some regions by the **Registration Data Access Protocol (RDAP)**, which provides more structured data and better access controls. ICANN's WHOIS accuracy requirements remain in effect. ## WHOIS Privacy / Privacy Protection WHOIS Privacy (also called WHOIS Guard, Domain Privacy, or Privacy Protection) is a service that replaces your personal contact details in the public WHOIS database with the registrar's proxy contact information. Instead of showing: ``` Registrant: Jane Doe Email: [email protected] Phone: +1.5551234567 Address: 123 Main St, Anytown, CA 94102 ``` It shows the registrar's proxy: ``` Registrant: WhoisGuard Protected Email: [email protected] ``` Legitimate communications (domain transfer requests, legal notices) are still forwarded through the proxy to your real email. Read more in domain-privacy-whois. ## EPP Code (Authorization Code / Transfer Code) The **EPP Code (Auth Code)** (Extensible Provisioning Protocol code) is a security code required to transfer a domain from one Domain Registrar to another. It is also called an Auth Code, Authorization Code, or Transfer Code depending on the registrar. The EPP code is generated by your current registrar when you initiate a transfer. You provide it to your gaining registrar (the one you are transferring to) to authenticate that you are the legitimate Registrant authorizing the transfer. Without the correct EPP code, a registrar-to-registrar transfer cannot be completed. This prevents unauthorized transfers. To get your EPP code: log into your current registrar's dashboard and look for "Transfer" or "Authorization Code" options, usually in domain management settings. ## Domain Lock / Registrar Lock / Transfer Lock **Domain Lock** (officially called Registrar Lock) is a security status that prevents unauthorized domain transfers. When locked, any transfer request is automatically rejected by the registry until the lock is removed. Most registrars enable domain lock by default. You must explicitly unlock your domain before initiating a transfer to another registrar. After the transfer is complete, the new registrar will re-lock the domain. Domain lock protects against: - Unauthorized transfers by hackers who have accessed your account - Social engineering attacks targeting registrar support staff - Accidental transfers ## Auto-Renewal **Auto-Renewal** is a setting at your Domain Registrar that automatically renews your domain registration before it expires, charging your stored payment method. With auto-renewal enabled: - Your domain renews without any action on your part - You receive notification emails in advance of renewal - Your stored credit card or payment method is charged Without auto-renewal: - You must manually renew before the expiration date - If you forget, you enter the grace period (extra fees), then redemption period (much higher fees), then lose the domain permanently **Recommendation:** Enable auto-renewal for any domain you care about. Check periodically that your payment method is current. ## Grace Period The **Grace Period** in domain registration refers to the window of time immediately after a domain expires during which you can still renew at the standard renewal price. Grace period length varies by TLD — for most gTLDs it is 0–30 days, though some TLDs have no grace period at all. During the grace period: - The domain may still resolve (website and email continue working) - Or it may stop resolving immediately upon expiration (TLD-dependent) - You can renew at the normal price After the grace period, you enter the **redemption period**. Read What Happens When a Domain Expires? for the full lifecycle. ## Redemption Period After the grace period expires, most domains enter a **Redemption Period** — typically 30 days — during which you can still reclaim your domain, but at a significantly higher redemption fee (often $80–$200+, compared to the standard $10–$15 renewal price). During the redemption period: - The domain is no longer resolving (website and email are down) - The domain is not yet publicly available for registration - You must pay the redemption fee to your Domain Registrar to recover it - The Domain Registrar pays the registry's restore fee After the redemption period, the domain enters a short "pending delete" phase (typically 5 days) before being released and made available for anyone to register. ## Domain Transfer A **Domain Transfer** is the process of moving a domain registration from one Domain Registrar to another. Reasons to transfer include: - Better pricing at the new registrar - Better interface or features - Consolidating multiple domains at one registrar - The current registrar going out of business The transfer process requires: 1. Unlocking Domain Lock at the current registrar 2. Obtaining the EPP Code (Auth Code) from the current registrar 3. Initiating the transfer at the new (gaining) registrar 4. Entering the EPP code at the gaining registrar 5. Approving the transfer via an email sent to the Registrant ICANN policy requires that a domain cannot be transferred within 60 days of its initial registration or a previous transfer. Transfers typically add one year to the expiration date. ## Nameservers (NS) **Nameservers** are the DNS servers that hold the authoritative DNS records for your domain. When you register a domain, the registrar sets default nameservers pointing to their own DNS infrastructure. You can change your nameservers to use another DNS provider — for example, if you want to use Cloudflare's DNS for better performance and security, you update your nameservers at your registrar to Cloudflare's NS addresses. Nameserver format: `ns1.cloudflare.com`, `ns2.cloudflare.com` — typically at least two for redundancy. ## TTL (Time to Live) **TTL (Time To Live)** is a value (in seconds) attached to each DNS record that tells resolvers how long to cache the record before checking for updates. A TTL of `3600` means "cache this for 1 hour." A TTL of `86400` means "cache for 24 hours." When you plan to change DNS records (moving to a new server, changing nameservers), lower your TTL a day or two in advance so changes propagate faster. After the change is stable, raise the TTL back to reduce DNS query load. ## Registrar Verification ICANN requires registrars to verify the email address of registrants after initial registration and after updating contact details. You will receive a verification email and must click the link within a set timeframe (usually 15 days). If you do not verify, the domain may be suspended. Always use a real, accessible email address for your registrar account. ## Registrant, Administrative, Technical, and Billing Contacts Domain registrations have four contact types: - **Registrant:** The legal owner/licensee. Most important for legal and transfer purposes. - **Administrative contact:** Authorized to make changes to the domain registration. - **Technical contact:** Responsible for DNS and technical configuration. - **Billing contact:** Responsible for renewal payments. For individuals and small businesses, all four are typically the same person. Large organizations may assign different contacts to each role. ICANN requires accurate contact information for all roles. With WHOIS Privacy enabled, the proxy information appears publicly, but the actual contacts are stored privately and used for legal/transfer purposes. ## Key Takeaways - **Registry**: Manages the TLD (Top-Level Domain) database (e.g., Verisign for `.com`) - **Domain Registrar**: Sells domains to customers (e.g., Namecheap, Cloudflare) - **Registrant**: You — the person who registers and holds the domain - **WHOIS**: Public database of domain ownership information - **EPP Code (Auth Code)**: Security code required to transfer a domain between registrars - **Domain Lock**: Prevents unauthorized transfers — keep it enabled - **Auto-Renewal**: Prevents accidental loss of your domain — enable it - **Grace Period**: Window after expiration to renew at standard price - **Redemption Period**: Recovery window after grace period, at high fees For the full expiration lifecycle, read What Happens When a Domain Expires?. For the registration process itself, see How to Register a Domain Name: Step-by-Step.