.au Domain Observatory

Domain-layer governance

Domain-layer governance helps organisations keep public domain, DNS, registration and mail posture signals visible, explainable and managed.

Governance guideManaged assetsPublic trust signals

Direct answer

Domain-layer governance is the practice of treating domains, DNS, registration, mail posture and related public signals as managed organisational assets.

Plain-language explanation

Domains are public-facing organisational assets. They connect identity, communications, web presence, email, customer trust and service delivery.

Domain-layer governance means knowing which domains exist, who is responsible for them, how public DNS and registration settings are managed, and how visible changes are reviewed over time.

It is not only a technical concern. Domain-layer decisions often involve technology, security, communications, legal, procurement and supplier management.

Why it matters

Public domain-layer signals are often the first evidence available to outside observers when infrastructure, registration or mail posture changes.

A calm governance process helps teams distinguish expected administration from changes that need review or explanation.

The goal is not to treat every visible change as a concern. The goal is to make important public signals visible, consistent and explainable.

What .auDO observes

  • DNS records, including nameservers, address records, MX and TXT records
  • mail posture signals, including SPF and DMARC visibility
  • DNSSEC-related evidence
  • registration and RDAP context, including registrar, status, dates and redaction patterns where visible
  • derived provider context
  • repeated observations across dated reports

What public change may suggest

  • planned provider migration
  • registrar or supplier change
  • DNS hosting movement
  • mail provider or mail posture change
  • registration administration
  • portfolio consolidation
  • a governance process that should be documented for future reference
  • a topic worth reviewing with the domain owner when visible changes are not already explained

What it cannot prove

  • whether internal asset records are complete
  • whether a change was approved
  • whether a domain is well managed on its own
  • whether an organisation has good or poor governance
  • whether internal telemetry supports the same interpretation
  • why a supplier, registrar or DNS provider changed

Practical governance questions

  • Which domains matter most to the organisation?
  • Who owns registration, DNS, web and mail decisions for those domains?
  • Are registrar, DNS provider, mail provider and hosting records kept together?
  • Are public changes documented in a way governance readers can understand?
  • Are domain-layer signals reviewed regularly alongside supplier and service ownership records?
  • Is there a clear process for explaining visible changes to technology, security, legal and communications stakeholders?

These signal pages explain the specific public fields and observations that sit behind this explainer.

RDAPRegistrarRDAP statusDomain datesName serversDNS providerMX recordsSPFDMARCEmail providerDNSSEC

State pages summarise aggregate posture across the current .auDO observation panel. They are summaries, not scores.

State of .auRDAP and registration signalsRegistrar signalsDNS providersEmail providersDMARC postureDNSSEC posture

Explore observed context

For broader context, use dated reports, observed cohorts and methodology notes. These views help connect plain-language governance concepts to actual observed evidence across the .auDO panel.

ReportsObserved cohortsMethodologyAll explainers