Skip Navigation

How does domain names work?

Who determines who owns a domain name? International organization? Do unrecognized countries also get their own top-level domain? If someone or some organization wanted to register a website for highly illegal activities (terrorism, crime organizations, etc) who has the authority to shut them down? Does one government has the authority, or does it require a majority of the countries? What if, say, North Korea hosted a website advocating terrorism? Who can take that down?

14
14 comments
  • I think I should own .world

    27
  • While everyone has covered the common cases with domains, I'll cover the less common with a basic overview of domains.

    Domains are basically just mapping an IP address to a human-readable string. 127.0.0.1 might be hard to remember. But "localhost" is easy to remember. Domain Name Servers and ICANN have developed a ton of RFCs to support making the internet easy to use and safe. This has also made the whole notion of domains a bit complicated.

    But - like I said - they are basically just mapping an IP address to a human-readable string.

    IP addresses are unique for a given network. On your local network, you have a unique IP address (e.g. 192.168.1.50). This is unique to the local network. But if you Google for your "public IP address" you'll see that it's different than your local address. The public IP address you have is assigned by your internet service provider (ISP). It's basically the IP address of your home.

    Every computer has things to optimize the domain name lookup for a given IP address. For example, your browser might cache something like google.com points to the IP address 192.168.1.50. Computers also usually have a "hosts" file. You can manually edit this file so that your computer will always try to resolve a particular IP address given a domain name. You can map Google.com to your localhost 127.0.0.1.

    So the case of "who owns a domain" is actually dependent on how your computer and network is setup. You can own Google.com on your own personal computer. You just edit the /etc/hosts file (on Linux). If you own the router and have access, you can "trick" computers in thinking google.com maps to your computer's IP address. Thus in that case, you own the domain for the local network.

    But your ISP owns their network. The one you use to access the internet. And they have a vested interest in making sure it adheres to the ICANN DNS resolutions. You can change your DNS server to anything you want. Doing so is usually safe since it's often 8.8.8.8 or 1.1.1.1, but I suppose it's possible you could choose a DNS server that is malicious. Though thanks to SSL they can't do much.

    Now you might be thinking: wait, if I'm on a local network, they can trick my computer into thinking a domain is valid when it's really being routed to malicious server? Technically yes. However that's why HTTPS exists. We use certs via a Certificate Authority to validate that the IP address you're accessing is mapped to the right domain. That's why it's important you always make sure SSL is on a website (usually represented by the little lock icon in the search bar)

    10
  • It's an international agreement as per https://www.cloudflare.com/learning/dns/top-level-domain/

    10
  • The physical location of the registrar plays a role in who had authority. There's also the location of the site itself to consider, though that's harder with things like cloud hosts or the TOR network. It's also possible that a government could require all ISPs in their country to redirect or sinkhole the requests from their users, but that leaves the door open for end users to change their DNS provider.

    Short version, it depends. There are a lot of variables in play and levers to pull.

    4
You've viewed 14 comments.