"You can only rent a domain."

If ICANN-approved root.zone and ICANN-approved registries are the only options.

As an experiment I created own registry, not shared with anyone. For many years I have run own root server, i.e., I serve own custom root.zone to all computers I own. I have a search experiment that uses a custom TLD that embeds a well-known classification system. The TLD portion of the domainname can catgorise any product or service on Earth.

ICANN TLDs are vague, ambiguous, sometimes even deceptive.

You should write something about this…

This sounds like a wonderful project, do you have any documentation of the process you wouldn't mind sharing? Would love to play around with something similar to what you did, almost like a mini-internet.

Is there any difference here from running a normal DNS server?

Any of your special domains will be ones your server claims as authoritative, so I don't understand why you need a root server?

"Is there any difference here from running a normal DNS server?"

Yes.

Do you also have a trusted TLS certificate authority? If yes, how has been your experience maintaining and securing it?

For this system, I have alternatives to "TLS" and to "trusted TLS certificate authorities".

None of this is connected to the internet. It is "home lab" stuff.

I have alternatives for so-called "modern" web browsers controlled by advertising companies, too.

For all the third-party-mediated stuff on today's internet I generally have alternatives that let me have more control.

> The landlord is merciless if you miss a payment, you are out.

That’s a skill issue though.

I have a domain that i used to pre-pay for years in advance.

For my current main domain i had prepaid nine years in advance and it was paid up to 2028. A couple of years ago i topped it up and now it’s prepaid up to 2032.

It’s not much money (when I prepaid for 9 years i spent like 60€ or so) and you’re usually saving because you’re fixing the price so skipping price hikes, inflation etc.

Host the wrong content, you are out, get sued because of someone elses trademark on your domain, you are out, registrar actually dissolved or has weird stuff? out.

True...but there are alternative approaches...such as maybe register a couple (not alot) of alternative, different domains. I think the trick is to keep the number of alternative domains low enough that it wont break the bank, but still give the option of serving as sort of backups. Then again, one would need to understand one's "threat" model before beginning to post content that might be "attacked" by others.

Which is why I included the third one - even if you don't piss off a sovereign no technology hosting company is forever.

> ...no technology hosting company is forever.

Yeah, good point!

It's something of a technical limitation though: there's no reason all my devices - the consumers of my domain name - couldn't just accept that anything signed with some key is actually XorNot.com or whatever...but good luck keeping that configuration together.

You very reasonably could replace the whole system with just "lists of trusted keys to names" if the concept has enough popular technical support.