
Anatomy of a Domain
Last updated: May 21, 2025
Introduction
diggingdns.com is a domain name.
Domain names are fundamental to how we use the Internet. They provide a human-friendly way to tell computers where to find specific resources or how to connect with each other. Every time you type an address like www.google.com into your browser or send an email to someone@example.com, you're using a domain name. Behind the scenes, your applications translate these names into network addresses to make the connection.
A domain name is typically a string of characters registered by an individual, organization, or government. Taking diggingdns.com as an example: diggingdns is the specific name we registered (more precisely, the Second-Level Domain or SLD part), and com is the Top-Level Domain (TLD) it's registered under.
You might also notice web addresses like www.diggingdns.com. Here, www is a subdomain of diggingdns.com. This complete string, www.diggingdns.com, is an example of a hostname: a name that can be resolved to an address on the internet.
Understanding the parts of a domain name is easier if you read them from right to left, like a backwards postal address. You can start with the country (TLD), the city/state/main region (domain), and then the street (subdomain). It isn't a perfect analogy, but it helps to understand the accessibility of each part.
Top-Level Domains (TLDs)
The Top-Level Domain (TLD) is the segment of a domain name to the right of the very last dot. Common examples include .com, .org, and .net. You'll also see TLDs like .ca (for Canada) or .de (for Germany). These broadly fall into two main categories:
1. Generic TLDs (gTLDs)
Generic TLDs are the most common type. This group includes the well-known .com, .net, .org, .info, and .biz. They are often informally divided into:
- Legacy gTLDs: Those that existed before the major expansion around 2012-2013 (e.g., .com, .edu).
- New gTLDs (sometimes nTLDs): Hundreds of new gTLDs introduced from 2013 onwards, such as .guru, .photo, .london, or .online.
gTLDs are managed by various organizations called Registry Operators (or simply Registries). These can be businesses, non-profits, or other entities. To operate a gTLD, a Registry goes through an extensive application process with the Internet Corporation for Assigned Names and Numbers (ICANN), pays significant fees, and signs a contractual agreement.
Once a Registry operates a gTLD, they might:
- Allow the public to register domain names within their TLD (e.g., yourname.com). This is typically done through ICANN-accredited companies called Registrars (like GoDaddy, Namecheap, etc.).
- Impose restrictions. For example, the .bank TLD requires registrants to be verified financial institutions.
- Use the TLD exclusively for their brand (e.g., Google using .google for its services) and not offer public registrations.
For many gTLDs, ICANN's Centralized Zone Data Service (CZDS) allows approved users (account creation is required) to access "zone files." A zone file is essentially a list of the domain names delegated within that TLD and the nameservers responsible for them, typically updated daily. Not all gTLDs are available via CZDS, as it is opt-in and Registries are free to provide their own systems. Also, note that the zone files available are a snapshot, not real-time, and may miss changes that happen more than once in a 24-hour period.
We'll explore Registries and zone files more in a future post.
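To make the snapshot point concrete, here is an added example (not from the original post) that compares two daily zone snapshots and reports new, removed and re-delegated domains. The sample records, the .example TLD and the nameserver names are constructed, and the five-field "owner TTL class NS target" line layout is an assumption about the file format.

```python
# Constructed snapshots of a made-up ".example" TLD zone, one per day.
DAY1 = """\
example.            900    in soa ns.registry.test. admin.registry.test. 1 2 3 4 5
alpha.example.      172800 in ns  ns1.dns-host.test.
alpha.example.      172800 in ns  ns2.dns-host.test.
bravo.example.      172800 in ns  ns1.parked.test.
charlie.example.    172800 in ns  ns1.dns-host.test.
"""
DAY2 = """\
example.            900    in soa ns.registry.test. admin.registry.test. 2 2 3 4 5
alpha.example.      172800 in ns  ns1.dns-host.test.
alpha.example.      172800 in ns  ns2.dns-host.test.
bravo.example.      172800 in ns  ns1.other.test.
delta.example.      172800 in ns  ns1.dns-host.test.
"""

def delegations(zone_text):
    """Map each delegated domain to the set of nameservers listed for it."""
    result = {}
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()      # drop ";" comments
        if len(fields) != 5 or fields[3].lower() != "ns":
            continue                                # skip SOA and other records
        owner = fields[0].lower().rstrip(".")
        target = fields[4].lower().rstrip(".")
        result.setdefault(owner, set()).add(target)
    return result

def diff_snapshots(old_text, new_text):
    """Compare two snapshots. A domain created and deleted between them is
    invisible here, which is the limitation the paragraph above describes."""
    old, new = delegations(old_text), delegations(new_text)
    return {
        "added": sorted(new.keys() - old.keys()),
        "removed": sorted(old.keys() - new.keys()),
        "ns_changed": sorted(d for d in old.keys() & new.keys() if old[d] != new[d]),
    }

if __name__ == "__main__":
    for kind, names in diff_snapshots(DAY1, DAY2).items():
        print(kind, names)
```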
2. Country Code TLDs (ccTLDs)
The International Organization for Standardization (ISO) assigns unique two-letter codes to countries and some territories (e.g., US for the United States, JP for Japan). These codes form the basis for Country Code TLDs like .us or .jp.
Each ccTLD is typically managed by a designated organization within that country or territory (the ccTLD Registry). These ccTLD Registries generally have more autonomy than gTLD Registries and set their own rules, though they still coordinate with ICANN/IANA (Internet Assigned Numbers Authority) for their delegation in the global DNS root. This autonomy leads to a wide variety of policies:
- Some ccTLDs are open for anyone in the world to register (e.g., .tv for Tuvalu, .io for the British Indian Ocean Territory; both are popular globally).
- Some work with commercial partners to promote their TLD internationally (e.g., .me for Montenegro).
- Many restrict registration to citizens or organizations with a local presence in that country/region (e.g., .ca for Canada, .eu for the European Union, .su for the Soviet Union, which is still delegated and has domains in it).
- Some are primarily used by their respective governments or for specific national initiatives.
The diverse policies of ccTLDs mean that understanding the specific rules for a given ccTLD is crucial for registration. From a security perspective, the stringency of these policies can also influence a ccTLD's reputation.
Registered Domains (The Part You Choose)
Moving left from the TLD, we find the part of the domain name that is actually registered by an individual or entity. In diggingdns.com, diggingdns is this registered part (technically, the label for the Second-Level Domain under .com).
This label must be between 1 and 63 characters long. It can contain letters (a-z, case-insensitive), numbers (0-9), and hyphens (-). However, a hyphen cannot be at the very beginning or end of this label. Modern domain names can also include non-Latin characters, thanks to a system called Internationalized Domain Names (IDNs).
Understanding Domain Structure: Public Suffixes and "Effective TLDs"
Sometimes, what you register isn't directly under a main TLD like .com but under a pre-defined suffix that itself is under a TLD. This is common with ccTLDs.
Consider the domain example.co.uk:
- .uk is the ccTLD for the United Kingdom.
- .co is a label under .uk. Together, .co.uk forms a common structure for commercial entities in the UK.
- When someone registers example.co.uk, they are registering example under the .co.uk structure.
- In this context, .co.uk acts like an "effective TLD" (eTLD) or a public suffix. You don't register .co.uk itself; you register a name within the .co.uk public suffix.
Other examples include .gov.uk (for UK government), .com.au (Australia), or .org.za (South Africa). The Public Suffix List (PSL) is a widely used, community-maintained list that defines these public suffixes. Browsers and other internet software use the PSL to correctly identify the registrable part of a domain name, which is important for things like cookie security and managing website data.
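How software finds the registrable part with such a list, as an added example that is not from the original post. The rule set is a small constructed subset of the real list, and the code goes slightly beyond the text by also handling the list's wildcard (*.) and exception (!) rules; all function names are illustrative.

```python
# Constructed subset of Public Suffix List rules; the real list is far longer.
SAMPLE_RULES = """
// "//" starts a comment, "*." is a wildcard, "!" marks an exception
com
uk
co.uk
gov.uk
com.au
org.za
*.ck
!www.ck
"""

def load_rules(text):
    rules, exceptions = set(), set()
    for line in text.splitlines():
        line = line.strip().lower()
        if not line or line.startswith("//"):
            continue
        (exceptions if line.startswith("!") else rules).add(line.lstrip("!"))
    return rules, exceptions

RULES, EXCEPTIONS = load_rules(SAMPLE_RULES)

def public_suffix_len(labels):
    """Count the trailing labels that make up the public suffix."""
    for i in range(len(labels)):
        if ".".join(labels[i:]) in EXCEPTIONS:
            return len(labels) - i - 1      # exception rule: drop its leftmost label
    best = 1                                # unlisted TLD: the last label alone
    for i in range(len(labels)):
        tail = labels[i:]
        if ".".join(tail) in RULES or ".".join(["*"] + tail[1:]) in RULES:
            best = max(best, len(tail))
    return best

def split_name(hostname):
    """Return (registrable_domain, public_suffix); the first is None for a bare suffix."""
    labels = hostname.lower().rstrip(".").split(".")
    n = public_suffix_len(labels)
    suffix = ".".join(labels[-n:])
    if len(labels) <= n:
        return None, suffix
    return ".".join(labels[-(n + 1):]), suffix

def same_site(host_a, host_b):
    """True when both hosts share a registrable domain, the boundary cookies rely on."""
    reg_a, reg_b = split_name(host_a)[0], split_name(host_b)[0]
    return reg_a is not None and reg_a == reg_b
```

Without the list, a naive "last two labels" rule would treat a.co.uk and b.co.uk as the same site; `same_site` keeps them apart because co.uk is a public suffix.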
Subdomains (Building on Your Domain)
Once you have a registered domain (like diggingdns.com or example.co.uk), you can create subdomains to organize or extend its functionality. In www.diggingdns.com, www is a subdomain of diggingdns.com. Subdomains appear to the left of your registered domain name or public suffix structure.
You can have multiple levels of subdomains, such as internal.apps.example.com. Each "label" between the dots is a subdomain of the portion to its right. The entire length of a fully qualified domain name, including all subdomains, the registered domain part, and the TLD, must not exceed 253 usable ASCII characters (and each individual label is still limited to 63 characters).
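The label and length rules from this section and the previous one, collected into one checker. This is an added example, not code from the original post; the function name and messages are illustrative, and IDN labels are converted to their ASCII form with Python's built-in idna codec before the rules are applied.

```python
import re

# Letters, digits and hyphens only; a hyphen may not be first or last.
LABEL_RE = re.compile(r"[a-z0-9](?:[a-z0-9-]*[a-z0-9])?")
MAX_LABEL, MAX_NAME = 63, 253

def check_hostname(name):
    """Return a list of rule violations; an empty list means the name passes."""
    problems = []
    if name.endswith("."):
        name = name[:-1]                    # one trailing dot denotes the DNS root
    ascii_labels = []
    for label in name.lower().split("."):
        if not label:
            problems.append("empty label")
            continue
        if not label.isascii():             # IDN label: convert to its ASCII form
            try:
                label = label.encode("idna").decode("ascii")
            except UnicodeError:
                problems.append(f"cannot convert IDN label {label!r}")
                continue
        if len(label) > MAX_LABEL:
            problems.append(f"label longer than {MAX_LABEL} characters")
        elif not LABEL_RE.fullmatch(label):
            problems.append(f"bad character or hyphen placement in {label!r}")
        ascii_labels.append(label)
    # The total is measured on the ASCII form, dots included.
    if len(".".join(ascii_labels)) > MAX_NAME:
        problems.append(f"name longer than {MAX_NAME} characters")
    return problems

if __name__ == "__main__":
    for sample in ["internal.apps.example.com", "-bad.example.com", "a..b"]:
        print(sample, check_hostname(sample))
```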
Why use subdomains?
- Organization: To create distinct sections for a website (e.g., blog.example.com, shop.example.com).
- Services: To point to different services (e.g., mail.example.com for email servers, api.example.com for developer APIs).
- Development/Testing: To set up environments like dev.example.com or staging.example.com without affecting the main site.
- Cost-Effective: Creating subdomains doesn't typically incur extra registration costs; they are managed through your domain's DNS settings.
It's generally not possible for the public to get a complete list of all subdomains for a given domain, as only the domain administrator would definitively know them all. However, security professionals and bad guys can use various techniques like DNS enumeration and analyzing Certificate Transparency logs to discover subdomains.
You'll also encounter services that provide you with a name under their domain, which acts as your subdomain. For example, creating a site on wordpress.com might give you myblog.wordpress.com, or a dynamic DNS service like noip.com might provide myhome.noip.com.
Hostnames (The Full Address for Services)
The term hostname generally refers to the unique, fully qualified label assigned to a device or service on a network that can be resolved to an IP address. This allows your computer to find and connect to it.
- www.diggingdns.com is a hostname.
- www.google.com is a hostname.
- example.com (if it points directly to a server for a website) is also a hostname.
These are called Fully Qualified Domain Names (FQDNs) because they specify the complete path in the DNS hierarchy.
It's important to distinguish this from a TLD like .com or a public suffix like .co.uk, which are structural parts of the naming system but not typically hostnames you connect to directly for a specific service.
Educational Fun Point!
You also encounter hostnames in your local environment:
- localhost: This is a special hostname that always refers to your own computer.
- Local Machine Names: If you use a Mac and open a terminal, you might see something like chad@MacBookAir. MacBookAir is the local hostname for that computer. On Windows, you might see DESKTOP-ABC1234 as a computer name, which also acts as its local hostname. With the right network configuration, you could potentially access services on these devices from other computers on your home network using these hostnames.
Protocols like mDNS and Bonjour help discover and make devices visible, making it easy for your devices to connect from within a network.
Putting It All Together
Understanding these components—TLDs (generic and country code), registered domains, public suffixes, subdomains, and hostnames—gives you a solid grasp of how domain names are structured and used to navigate the vastness of the Internet. Each part plays a crucial role in ensuring that www.diggingdns.com takes you exactly where you intend to go!