Domain Name Contacts

When you register a domain name, the registrar asks for your contact information:

• Full name
• Postal address
• Email address
• Phone number
• Etc.

This information allows third parties to contact a relevant person about the given domain name. For example, authorities may contact a domain owner in case of unlawful usage of their domain (ex: phishing, illegal content).

Contact Roles

Registries and registrars use a "role" system to assign contacts.

This allows domain name owners to define who should be contacted in various situations (ex: technical vs administrative). This system also allows registrars to perform role-based authorization for various actions (transfers, delegation records updates, contact updates, etc.).

The four common roles are registrant, admin, tech, and billing.

The registrant contact (aka owner, or holder) is the person that owns the domain name. NB: To be more precise, the registrants rents the domain from the registry, they don't "own" it.

The admin contact is a person that also has full administrative rights over the domain. It is usually the same person as the owner, but this could also be a third party that manages the domain on behalf of the official owner.

The tech contact is a person allowed to perform technical operations on the domain name. For example: updating delegation records. They should not have the same level of rights as the registrant or admin.

The billing contact is used internally by registrars for invoicing purposes. This role is not relevant for registries since they just bill the registrar.

NB: It's very common for domains to have the same contact for the four roles (owner, admin, tech, and billing).

WHOIS & RDAP Privacy

Domain name contacts may be exposed by the registrar or the registry via WHOIS (or RDAP).

Most registrars allow individual registrants to hide their personal information in WHOIS and RDAP responses by providing an aliased email address and hiding other personal data such as the name and phone number.

In OSINT, information leaked in WHOIS and RDAP responses is often exploited to learn more about a target.

Thin vs Thick Registries

Some registries are also responsible for storing the contact information of domain holders (traditionally, all of them). These are called "thick" registries. Registries that don't store contact information about the domain holders are called "thin" registries (this is the case for many gTLDs nowadays).

NB: Since a registry can manage multiple TLDs, it may act as a thick registry for some of its TLDs and as thin registry for its others.

Data Escrow

ICANN requires gTLD registars and registries to backup certain domain contact data (and domain name registration data) to approved escrow agents. If the registrar or registry loses its data, then the escrow agent can provide a trusted source of truth regarding who owns a domain.

TLD-Specific Contact Fields

TLDs can choose to ask for whatever information they deem relevant about a domain's contact. This means there is not a single source of truth for what a "contact" is.

Although, you will almost always find the same basic fields (name, email address, etc.), ccTLDs will very often ask for country-specific information (ex: "code fiscale" for .it domains). Some restricted TLDs may also require a membership verification.

Trades

Very often, domains get traded, their ownership gets transferred to another party (for example in case of resell or company merger). This ownership change is called a "trade". Registries do not generally charge for trades but it can be the case.

Trustees

Country-code TLDs sometimes require the owner of the domain to be a citizen of a specific state, however to bypass this requirement, registrars may provide a "trustee" system to allow a non-eligible person to register a domain via a trusted third party.

References

• Registrar Data Escrow Program
• ICANN-approved Data Escrow Agents