Cloudflare, the content delivery network and website security provider, has increasingly been pushing into businesses that intersect with its core missions. Earlier this year, the company rolled out a new, free DNS service to help Internet users evade censorship (including an encrypted DNS service to evade surveillance of domain address queries).
While Cloudflare had already been handling domain registration through the company’s Enterprise Registrar service, that service was intended for some of Cloudflare’s high-end customers who wanted extra levels of security for their domain names. The new domain registrar business—called Cloudflare Registrar—will eventually be open to anyone, and it will charge exactly what it costs for Cloudflare to register a domain. As Cloudflare CEO Matthew Prince wrote in a blog post yesterday, “We promise to never charge you anything more than the wholesale price each TLD charges.” That includes the small fee assessed by ICANN for each registration.
Prince said that he was motivated to take the company into the registrar business because of Cloudflare’s own experience with registrars and by the perception that many registrars are in the business mostly to up-sell things that require no additional effort. “All the registrar does is record you as the owner of a particular domain,” Prince said. “That just involves sending some commands to an API. In other words, domain registrars are charging you for being a middle-man and delivering essentially no value to justify their markup.” Charging overhead for that sort of service, Prince said, “seemed as nutty to us as certificate authorities charging to run a bit of math.” (Cloudflare also provides free SSL certificates.)
While Cloudflare Registrar will not charge more for the privilege of registering domain ownership, the service will also enable two-factor authentication for all domain registration accounts, lock domain registrations to prevent transfers by default, and automatically enable services such as Domain Name System Security Extensions (DNSSEC)—one of the things registrars frequently charge for.
Along with a couple of other new services—including Encrypted Server Name Indication (which conceals the unencrypted hostname sent as part of TLS-encrypted Web requests) and a new key-value store for Cloudflare “workers” that enables high-performance distributed applications that run within Cloudflare’s CDN cloud—this addition to Cloudflare’s services edges the company toward being a very low-cost, single-stop shop for Internet infrastructure. Still, giving a single company power over your domain registration, certificates, authoritative DNS services, DNS lookups, and CDN delivery might just be a tad disconcerting to some.