This article is about domain names in the Internet. For other uses, seeDomain (disambiguation).
An annotated example of a domain name
In theInternet, adomain name is astring that identifies a realm of administrative autonomy, authority or control. Domain names are often used to identify services provided through the Internet, such aswebsites,email services and more. Domain names are used in various networking contexts and for application-specific naming and addressing purposes. In general, a domain name identifies anetwork domain or anInternet Protocol (IP) resource, such as a personal computer used to access the Internet, or a server computer.
Domain names are formed by the rules and procedures of theDomain Name System (DNS). Any name registered in the DNS is a domain name. Domain names are organized in subordinate levels (subdomains) of theDNS root domain, which is nameless. The first-level set of domain names are thetop-level domains (TLDs), including thegeneric top-level domains (gTLDs), such as the prominent domainscom,info,net,edu, andorg, and thecountry code top-level domains (ccTLDs). Below these top-level domains in the DNS hierarchy are the second-level and third-level domain names that are typically open for reservation by end-users who wish to connect local area networks to the Internet, create other publicly accessible Internet resources or run websites, such as "wikipedia.org". The registration of a second- or third-level domain name is usually administered by adomain name registrar who sell its services to the public.
Afully qualified domain name (FQDN) is a domain name that is completely specified with all labels in the hierarchy of the DNS, having no parts omitted. Traditionally a FQDN ends in a dot (.) to denote the top of the DNS tree.[1] Labels in the Domain Name System arecase-insensitive, and may therefore be written in any desired capitalization method, but most commonly domain names are written in lowercase in technical contexts.[2]Ahostname is a domain name that has at least one associatedIP address.
Purpose
Domain names serve to identify Internet resources, such as computers, networks, and services, with a text-based label that is easier to memorize than the numerical addresses used in the Internet protocols. A domain name may represent entire collections of such resources or individual instances. Individual Internet host computers use domain names as host identifiers, also calledhostnames. The termhostname is also used for the leaf labels in the domain name system, usually without further subordinate domain name space. Hostnames appear as a component inUniform Resource Locators (URLs) for Internet resources such aswebsites (e.g., en.wikipedia.org).
Domain names are also used as simple identification labels to indicate ownership or control of a resource. Such examples are the realm identifiers used in theSession Initiation Protocol (SIP), theDomain Keys used to verify DNS domains ine-mail systems, and in many otherUniform Resource Identifiers (URIs).
An important function of domain names is to provide easily recognizable and memorizable names to numericallyaddressed Internet resources. This abstraction allows any resource to be moved to a different physical location in the address topology of the network, globally or locally in anintranet. Such a move usually requires changing the IP address of a resource and the corresponding translation of this IP address to and from its domain name.
Domain names are used to establish a unique identity. Organizations can choose a domain name that corresponds to their name, helping Internet users to reach them easily.
A generic domain is a name that defines a general category, rather than a specific or personal instance, for example, the name of an industry, rather than a company name. Some examples of generic names arebooks.com,music.com, andtravel.info. Companies have created brands based on generic names, and such generic domain names may be valuable.[3]
Domain names are often simply referred to asdomains and domain name registrants are frequently referred to asdomain owners, although domain name registration with a registrar does not confer any legal ownership of the domain name, only an exclusive right of use for a particular duration of time. The use of domain names in commerce may subject them totrademark law.
The practice of using a simple memorable abstraction of a host's numerical address on a computer network dates back to theARPANET era, before the advent of today's commercial Internet. In the early network, each computer on the network retrieved the hosts file (host.txt) from a computer at SRI (nowSRI International),[4][5] which mapped computer hostnames to numerical addresses. The rapid growth of the network made it impossible to maintain a centrally organized hostname registry and in 1983 the Domain Name System was introduced on the ARPANET and published by theInternet Engineering Task Force as RFC 882 and RFC 883.
The following table shows the first five.com domains with the dates of their registration:[6]
The hierarchy of labels in a fully qualified domain name
The domain name space consists of atree of domain names. Each node in the tree holds information associated with the domain name. The tree sub-divides intozones beginning at theDNS root zone.
Domain name syntax
A domain name consists of one or more parts, technically calledlabels, that are conventionally concatenated, and delimited by dots, such asexample.com.
The right-most label conveys thetop-level domain; for example, the domain namewww.example.com belongs to the top-level domaincom.
The hierarchy of domains descends from the right to the left label in the name; each label to the left specifies a subdivision, orsubdomain of the domain to the right. For example: the labelexample specifies a nodeexample.com as a subdomain of thecom domain, andwww is a label to createwww.example.com, a subdomain ofexample.com. Each label may contain from 1 to 63octets. The empty label is reserved for the root node and when fully qualified is expressed as the empty label terminated by adot. The full domain name may not exceed a total length of 253 ASCII characters in its textual representation.[8]
Ahostname is a domain name that has at least one associated IP address. For example, the domain nameswww.example.com andexample.com are also hostnames, whereas thecom domain is not. However, other top-level domains, particularlycountry code top-level domains, may indeed have an IP address, and if so, they are also hostnames.
Hostnames impose restrictions on the characters allowed in the corresponding domain name. A valid hostname is also a valid domain name, but a valid domain name may not necessarily be valid as a hostname.
Top-level domains
When the Domain Name System was devised in the 1980s, the domain name space was divided into two main groups of domains.[9] Thecountry code top-level domains (ccTLD) were primarily based on the two-character territory codes ofISO-3166 country abbreviations. In addition, a group of sevengeneric top-level domains (gTLD) was implemented which represented a set of categories of names and multi-organizations.[10] These were the domainsgov,edu,com,mil,org,net, andint. These two types oftop-level domains (TLDs) are the highest level of domain names of the Internet. Top-level domains form theDNS root zone of the hierarchicalDomain Name System. Every domain name ends with a top-level domain label.
During the growth of the Internet, it became desirable to create additional generic top-level domains. As of October 2009, 21 generic top-level domains and 250 two-letter country-code top-level domains existed.[11] In addition, theARPA domain serves technical purposes in the infrastructure of the Domain Name System.
During the 32nd International Public ICANN Meeting in Paris in 2008,[12] ICANN started a new process of TLD naming policy to take a "significant step forward on the introduction of new generic top-level domains." This program envisions the availability of many new or already proposed domains, as well as a new application and implementation process.[13] Observers believed that the new rules could result in hundreds of new top-level domains to be registered.[14] In 2012, the program commenced, and received 1930 applications.[15] By 2016, the milestone of 1000 live gTLD was reached.
For special purposes, such as network testing, documentation, and other applications, IANA also reserves a set of special-use domain names.[17] This list contains domain names such asexample,local,localhost, andtest. Other top-level domain names containing trade marks are registered for corporate use. Cases include brands such asBMW,Google, andCanon.[18]
Second-level and lower level domains
Below the top-level domains in the domain name hierarchy are thesecond-level domain (SLD) names. These are the names directly to the left of .com, .net, and the other top-level domains. As an example, in the domainexample.co.uk,co is the second-level domain.
Next are third-level domains, which are written immediately to the left of a second-level domain. There can be fourth- and fifth-level domains, and so on, with virtually no limitation. Each label is separated by afull stop (dot). An example of an operational domain name with four levels of domain labels issos.state.oh.us. 'sos' is said to be a sub-domain of 'state.oh.us', and 'state' a sub-domain of 'oh.us', etc. In general,subdomains are domains subordinate to their parent domain. An example of very deep levels of subdomain ordering are theIPv6 reverse resolutionDNS zones, e.g., 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa, which is the reverse DNS resolution domain name for the IP address of aloopback interface, or thelocalhost name.
Second-level (or lower-level, depending on the established parent hierarchy) domain names are often created based on the name of a company (e.g.,bbc.co.uk), product or service (e.g.hotmail.com). Below these levels, the next domain name component has been used to designate a particular host server. Therefore,ftp.example.com might be an FTP server,www.example.com would be aWorld Wide Web server, andmail.example.com could be an email server, each intended to perform only the implied function. Modern technology allows multiple physical servers with either different (cf.load balancing) or even identical addresses (cf.anycast) to serve a single hostname or domain name, or multiple domain names to be served by a single computer. The latter is very popular inWeb hosting service centers, where service providers host the websites of many organizations on just a few servers.
The hierarchicalDNS labels or components of domain names are separated in a fully qualified name by thefull stop (dot,.).
The character set allowed in the Domain Name System is based onASCII and does not allow the representation of names and words of many languages in their native scripts or alphabets.ICANN approved theInternationalized domain name (IDNA) system, which mapsUnicode strings used in application user interfaces into the valid DNS character set by an encoding calledPunycode. For example, københavn.eu is mapped to xn--kbenhavn-54a.eu. Manyregistries have adopted IDNA.
Domain name registration
History
The first commercial Internet domain name, in the TLDcom, was registered on 15 March 1985 in the namesymbolics.com by Symbolics Inc., a computer systems firm in Massachusetts.[19][20]
By 1992, fewer than 15,000com domains had been registered.
In the first quarter of 2015, 294 million domain names had been registered.[21] A large fraction of them are in thecom TLD, which as of December 21, 2014, had 115.6 million domain names,[22] including 11.9 million online business and e-commerce sites, 4.3 million entertainment sites, 3.1 million finance related sites, and 1.8 million sports sites.[23] As of July 15, 2012, thecom TLD had more registrations than all of the ccTLDs combined.[24]
As of December 31, 2023,[update] 359.8 million domain names had been registered.[25]
Administration
The right to use a domain name is delegated bydomain name registrars, which are accredited by theInternet Corporation for Assigned Names and Numbers (ICANN), the organization charged with overseeing the name and number systems of the Internet. In addition to ICANN, each top-level domain (TLD) is maintained and serviced technically by an administrative organization operating a registry. A registry is responsible for maintaining the database of names registered within the TLD it administers. The registry receives registration information from each domain name registrar authorized to assign names in the corresponding TLD and publishes the information using a special service, theWHOIS protocol.
Registries and registrars usually charge an annual fee for the service of delegating a domain name to a user and providing a default set of name servers. Often, this transaction is termed a sale or lease of the domain name, and the registrant may sometimes be called an "owner", but no such legal relationship is actually associated with the transaction, only the exclusive right to use the domain name. More correctly, authorized users are known as "registrants" or as "domain holders".
ICANN publishes the complete list of TLD registries and domain name registrars. Registrant information associated with domain names is maintained in an online database accessible with the WHOIS protocol. For most of the 250country code top-level domains (ccTLDs), the domain registries maintain the WHOIS (Registrant, name servers, expiration dates, etc.) information.
Some domain name registries, often callednetwork information centers (NIC), also function as registrars to end-users. The major generic top-level domain registries, such as for thecom,net,org,info domains and others, use a registry-registrar model consisting of hundreds of domain name registrars (see lists at ICANN[26] or VeriSign).[27] In this method of management, the registry only manages the domain name database and the relationship with the registrars. Theregistrants (users of a domain name) are customers of the registrar, in some cases through additional layers of resellers.
There are also a few otheralternative DNS root providers that try to compete or complement ICANN's role of domain name administration, however, most of them failed to receive wide recognition, and thus domain names offered by those alternative roots cannot be used universally on most other internet-connecting machines without additional dedicated configurations.
Technical requirements and process
In the process of registering a domain name and maintaining authority over the new name space created, registrars use several key pieces of information connected with a domain:
Administrative contact. A registrant usually designates an administrative contact to manage the domain name. The administrative contact usually has the highest level of control over a domain. Management functions delegated to the administrative contacts may include management of all business information, such as name of record, postal address, and contact information of the official registrant of the domain and the obligation to conform to the requirements of the domain registry in order to retain the right to use a domain name. Furthermore, the administrative contact installs additional contact information for technical and billing functions.
Technical contact. The technical contact manages the name servers of a domain name. The functions of a technical contact include assuring conformance of the configurations of the domain name with the requirements of the domain registry, maintaining the domain zone records, and providing continuous functionality of the name servers (that leads to the accessibility of the domain name).
Billing contact. The party responsible for receiving billing invoices from thedomain name registrar and paying applicable fees.
Name servers. Most registrars provide two or more name servers as part of the registration service. However, a registrant may specify its ownauthoritative name servers to host a domain's resource records. The registrar's policies govern the number of servers and the type of server information required. Some providers require a hostname and the corresponding IP address or just the hostname, which must be resolvable either in the new domain, or exist elsewhere. Based on traditional requirements (RFC 1034), typically a minimum of two servers is required.
A domain name consists of one or more labels, each of which is formed from the set of ASCII letters, digits, and hyphens (a–z, A–Z, 0–9, -), but not starting or ending with a hyphen. The labels are case-insensitive; for example, 'label' is equivalent to 'Label' or 'LABEL'. In the textual representation of a domain name, the labels are separated by afull stop (period).
Business models
Domain names are often seen in analogy toreal estate in that domain names are foundations on which a website can be built, and the highestquality domain names, like sought-after real estate, tend to carry significant value, usually due to their online brand-building potential, use in advertising,search engine optimization, and many other criteria.
A few companies have offered low-cost, below-cost, or even free domain registration with a variety of models adopted to recoup the costs to the provider. These usually require that domains be hosted on their website within a framework or portal that includes advertising wrapped around the domain holder's content, revenue from which allows the provider to recoup the costs. Domain registrations were free of charge when the DNS was new. A domain holder may provide an infinite number ofsubdomains in their domain. For example, the owner of example.org could provide subdomains such as foo.example.org and foo.bar.example.org to interested parties.
Many desirable domain names are already assigned and users must search for other acceptable names, using Web-based search features, orWHOIS anddig operating system tools. Many registrars have implementeddomain name suggestion tools which search domain name databases and suggest available alternative domain names related to keywords provided by the user.
The business of resale of registered domain names is known as thedomain aftermarket. Various factors influence the perceived value or market value of a domain name. Most of the high-prize domain sales are carried out privately.[28] Also, it is called confidential domain acquiring or anonymous domain acquiring.[29]
Domain name confusion
Intercapping is often used to emphasize the meaning of a domain name, because DNS names are not case-sensitive. Some names may be misinterpreted in certain uses of capitalization. For example:Who Represents, a database of artists and agents, chosewhorepresents.com,[30] which can be misread. In such situations, the proper meaning may be clarified by placement of hyphens when registering a domain name. For instance,Experts Exchange, a programmers' discussion site, usedexpertsexchange.com, but changed its domain name toexperts-exchange.com.[31]
A domain name may point to multipleIP addresses to provide server redundancy for the services offered, a feature that is used to manage the traffic of large, popular websites.
Web hosting services, on the other hand, run servers that are typically assigned only one or a few addresses while serving websites for many domains, a technique referred to asvirtual web hosting. Such IP address overloading requires that each request identifies the domain name being referenced, for instance by using theHTTP request header fieldHost:, orServer Name Indication.
Abuse and regulation
Critics often claim abuse of administrative power over domain names. Particularly noteworthy was the VeriSignSite Finder system which redirected all unregistered .com and .net domains to a VeriSign webpage. For example, at a public meeting withVeriSign to air technical concerns aboutSite Finder,[32] numerous people, active in theIETF and other technical bodies, explained how they were surprised by VeriSign's changing the fundamental behavior of a major component of Internet infrastructure, not having obtained the customary consensus. Site Finder, at first, assumed every Internet query was for a website, and it monetized queries for incorrect domain names, taking the user to VeriSign's search site. Other applications, such as many implementations of email, treat a lack of response to a domain name query as an indication that the domain does not exist, and that the message can be treated as undeliverable. The original VeriSign implementation broke this assumption for mail, because it would always resolve an erroneous domain name to that of Site Finder. While VeriSign later changed Site Finder's behaviour with regard to email, there was still widespread protest about VeriSign's action being more in its financial interest than in the interest of the Internet infrastructure component for which VeriSign was the steward.
Despite widespread criticism, VeriSign only reluctantly removed it after theInternet Corporation for Assigned Names and Numbers (ICANN) threatened to revoke its contract to administer the root name servers. ICANN published the extensive set of letters exchanged, committee reports, and ICANN decisions.[33]
There is also significant disquiet regarding the United States Government's political influence over ICANN. This was a significant issue in the attempt to create a.xxxtop-level domain and sparked greater interest inalternative DNS roots that would be beyond the control of any single country.[34]
Additionally, there are numerous accusations ofdomain name front running, whereby registrars, when given whois queries, automatically register the domain name for themselves. Network Solutions has been accused of this.[35]
In the early 21st century, the US Department of Justice (DOJ) pursued theseizure of domain names, based on the legal theory that domain names constitute property used to engage in criminal activity, and thus are subject toforfeiture. For example, in the seizure of the domain name of a gambling website, the DOJ referenced18 U.S.C.§ 981 and18 U.S.C.§ 1955(d).[36][1] In 2013 the US government seizedLiberty Reserve, citing18 U.S.C.§ 982(a)(1).[37]
The U.S. Congress passed theCombating Online Infringement and Counterfeits Act in 2010. Consumer Electronics Association vice president Michael Petricone was worried that seizure was ablunt instrument that could harm legitimate businesses.[38][39] After a joint operation on February 15, 2011, the DOJ and the Department of Homeland Security claimed to have seized ten domains of websites involved in advertising and distributing child pornography, but also mistakenly seized the domain name of a large DNS provider, temporarily replacing 84,000 websites with seizure notices.[40]
PIPCU and other UK law enforcement organisations make domain suspension requests toNominet which they process on the basis of breach of terms and conditions. Around 16,000 domains are suspended annually, and about 80% of the requests originate from PIPCU.[42]
ICANN Business Constituency (BC) has spent decades trying to make IDN variants work at the second level, and in the last several years at the top level. Domain name variants are domain names recognized in different character encodings, like a single domain presented intraditional Chinese andsimplified Chinese. It is anInternationalization and localization problem. Under Domain Name Variants, the different encodings of the domain name (in simplified and traditional Chinese) would resolve to the same host.[44][45]
According toJohn Levine, an expert on Internet related topics, "Unfortunately, variants don't work. The problem isn't putting them in the DNS, it's that once they're in the DNS, they don't work anywhere else."[44]
Fictitious domain name
Afictitious domain name is a domain name used in a work of fiction or popular culture to refer to a domain that does not actually exist, often with invalid or unofficialtop-level domains such as ".web", a usage exactly analogous to the dummy555 telephone number prefix used in film and other media. The canonical fictitious domain name is "example.com", specifically set aside by IANA in RFC 2606 for such use, along with the.example TLD.
Domain names used in works of fiction have often been registered in the DNS, either by their creators or bycybersquatters attempting to profit from it. This phenomenon promptedNBC to purchase the domain nameHornymanatee.com after talk-show hostConan O'Brien spoke the name while ad-libbing onhis show. O'Brien subsequently created a website based on the concept and used it as arunning gag on the show.[46] Companies whose works have used fictitious domain names have also employed firms such asMarkMonitor to park fictional domain names in order to prevent misuse by third parties.[47]
Misspelled domain names, also known astyposquatting orURL hijacking, are domain names that are intentionally or unintentionally misspelled versions of popular or well-known domain names. The goal of misspelled domain names is to capitalize on internet users who accidentally type in a misspelled domain name, and are then redirected to a different website.
Misspelled domain names are often used for malicious purposes, such asphishing scams or distributingmalware. In some cases, the owners of misspelled domain names may also attempt to sell the domain names to the owners of the legitimate domain names, or to individuals or organizations who are interested in capitalizing on the traffic generated by internet users who accidentally type in the misspelled domain names.
To avoid being caught by a misspelled domain name, internet users should be careful to type in domain names correctly, and should avoid clicking on links that appear suspicious or unfamiliar. Additionally, individuals and organizations who own popular or well-known domain names should consider registering common misspellings of their domain names in order to prevent others from using them for malicious purposes.
Domain name spoofing
The termDomain name spoofing (or simply though less accurately,Domain spoofing) is used generically to describe one or more of a class ofphishing attacks that depend on falsifying or misrepresenting an internet domain name.[48][49] These are designed to persuade unsuspecting users into visiting a web site other than that intended, or opening an email that is not in reality from the address shown (or apparently shown).[50] Although website and email spoofing attacks are more widely known, any service that relies ondomain name resolution may be compromised.
Types
There are a number of better-known types of domain spoofing:
Typosquatting, also called "URL hijacking", a "sting site", or a "fake URL", is a form ofcybersquatting, and possiblybrandjacking which relies on mistakes such astypos made by Internet users when inputting awebsite address into aweb browser or composing anemail address. Should a user accidentally enter an incorrect domain name, they may be led to any URL (including an alternative website owned by a cybersquatter).[51]
The typosquatter'sURL will usually be one of five kinds, allsimilar to the victim site address:
A common misspelling, or foreign language spelling, of the intended site
IDN homograph attack. This type of attack depends on registering a domain name that is similar to the 'target' domain, differing from it only because its spelling includes one or more characters that come from a different alphabet but look the same to the naked eye. For example, theCyrillic,Latin, andGreek alphabets each have their own letterA, each of which has its own binarycode point.Turkish has adotless letter i (ı) that may not be perceived as different from the ASCII letteri. Most web browsers warn of 'mixed alphabet' domain names,[52][53][54][55] Other services, such as email applications, may not provide the same protection. Reputabletop level domain andcountry code domain registrars will not accept applications to register a deceptive name but this policy cannot be presumed to be infallible.
