I'm going to catalogue my experience with domain registrars in the creation of this simple site. For context, I only have two hard requirements for a registrar: first, that there is WHOIS protection in place (because anyone on the internet knowing your full name, phone number, and especially your home address is absolutely ridiculous), and second, that they support DKIM 2048 TXT entries for email (I didn't need this until yesterday, but now I do).
I don't know what I was expecting, really. The reason I have an .xyz domain is primarily because they were something like $1 or $2 at the time I bought it on Epik, though I may have liked having one anyways because I have a fondness for the letter "x". In turn, I only really used Epik because it was the recommended registrar on LandChad.net (a Luke Smith site). I was aware that the content hosted by Epik was pretty untoward and not really what I agree with on any level, but I figured that that was not necessarily Epik's fault, and more a fault of the fact that they kind of let anything go on their platform. Ultimately I chose to go with them, and then pretty soon after their database was hacked by Anonymous and it was exposed that their security was absolutely, tremendously awful. So much for that WHOIS protection (and my old debit card information), because it all got posted publicly in a data dump!
Hover was a little more expensive than Epik (what with Epik's ridiculously low prices, which, looking back, I wonder why...), but still reasonable. My domain was only $15 every two years to renew, and they had WHOIS protection built in, which was great. However, I believe they asked for my transfer verification code before showing me what the price would be, which is awful (anyone with that code can instantaneously steal your website, permanently), but I went through with the transfer anyways. Besides that, the only problem happened yesterday, when I set up an email server so that I could receive messages from people who viewed the site. I finished the installation using emailwiz (another Luke Smith tool), and had everything configured properly, except the final step was to copy over some TXT entries to my DNS. One of them is the DKIM 2048 public security key (or something, I think it has to do with sender verification) which ended up being about 410 characters long. Hover has a strict 255 character limit for TXT entries (which I think is standard for DNS), and does not have any way of stringing together multiple TXT entries into a long entry (which is not standard, DKIM 2048 should be supported), making the registrar useless to me. I sent in a support email asking about DKIM 2048 and whether or not it was supported, what I needed to do, whether or not they could do it for me, and mentioned if I could not have DKIM 2048 I would have to move my domain to a different registrar. 18 hours later, I still had not received a reply, which is absolutely ridiculous for a service such as a domain registrar. I've since moved my domain, and after moving it I found through a search that Hover has specifically known about this for 4 years and done nothing about it. So, good riddance.
Update May 28, 2022: I finally received a response five days after my original question was asked, which is way too long on a time-critical system such as a domain registrar and for what boiled down to a pretty simple question. To quote (with intro and tail redacted):
Hover's DNS platform has a limitation of 255 characters. I'm afraid 2048 bit DKIM records exceed this limit and cannot be installed onto Hover DNS.
Alternatively, you can install a 1024 bit DKIM record which is compatible with Hover DNS.
If you absolutely require the 2048 bit DKIM record, you will want to consider managing the DNS for your domain with a third-party provider such as CloudFlare.
I don't really want CloudFlare in my life, thank you very much. Actually, clearly they're able to get it to work, right? So why can't you? Why do I pay you to manage my DNS if you're just going to ask me to manage my DNS somewhere else?
With DreamHost, WHOIS protection is provided by default, and they seem to mention DKIM directly on their site, which is more than most other registrars I looked at. But they don't use the traditional, tried-and-true method of transferring domains using a verification code, they try and do it automatically or something. Not only that, in the instructions on how to transfer they require you to turn off your WHOIS protection on your previous domain before the transfer. The entire site ended up erroring out after I entered my credit card information, however, even with my WHOIS protection turned off (which I felt extremely uncomfortable doing even for an instant). When I quit out and tried again, the whole site errored out yet again on a different error message. Unbelievable. And you expect me to trust you with my domain?
They charge extra for WHOIS protection, but at this point I didn't really care, I just wanted to put my site up somewhere else. I went to transfer domains, and they asked for my transfer verification code, but they asked before they even told me what the price to register would be yet again. I just said whatever and tried putting in my verification code, but it didn't work. Wait, what? Why didn't it work? I don't know what happened or how terrible this site must be, but the code was just flat out refused like it was typed wrong or something. I copied it directly using Hover's copy button and it's exactly right. I don't think I'll ever know what that was about.
Squarespace is more well known for website hosting than being a domain registrar, but they are one, and they provide full WHOIS protection at no cost. However, their rates are pretty high ($20 every year, versus Hover's rate of $15 every two years). Not only that, they ask for your verification code before telling you the price AGAIN! The DNS configuration page is all smushed into the left side of the window too because the site keeps trying to show me what my site through Squarespace is going to look like. Thanks but no thanks, I don't want a crappy default Squarespace web page, I have a website already. They also nuked a lot of my DNS records and replaced them with some junk linking to a default site, as well as taking out some other random OpenAlias and DMARC entries for no good reason without asking me first. I just ignored all of this nonsense and put in my DNS information and my DKIM 2048 TXT entry worked just by simply copy-and-pasting it into the box with no user-facing character limit. Great. That's literally all I wanted this whole time. Mysteriously, the help page, which lists DKIM 2048, mentions that it has to be split into two entries, but it works just fine in one? I don't know why. Technically it says you "can" split it across two entries, but it works fine without that, so saying that is confusing if they meant it was just optional. Otherwise the documentation is just wrong.
I'm currently using Squarespace as I write this, and so far things are alright, but we'll see what happens a few months or a year from now.
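For reference, an added example that is not part of the original post: in DNS the 255-byte limit applies to each character-string inside a TXT record, and one record may carry several strings, which DKIM verifiers concatenate with nothing in between (RFC 6376, section 3.6.2.2). The sketch below splits a constructed 410-character stand-in for a DKIM value into such strings and renders them as zone-file RDATA; the `mail` selector and the padded key are assumptions, not values from the post.

```python
"""Split a long DKIM TXT value into DNS character-strings (added example)."""

MAX_STRING_LEN = 255  # RFC 1035: one <character-string> holds at most 255 bytes


def split_txt_value(value: str, limit: int = MAX_STRING_LEN) -> list[str]:
    """Cut a TXT value into chunks that each fit one character-string."""
    if not 1 <= limit <= MAX_STRING_LEN:
        raise ValueError("limit must be between 1 and 255")
    data = value.encode("ascii")  # DKIM records are plain ASCII
    return [data[i:i + limit].decode("ascii") for i in range(0, len(data), limit)]


def to_zone_rdata(chunks: list[str]) -> str:
    """Render chunks as zone-file RDATA: one quoted string per chunk."""
    quoted = []
    for chunk in chunks:
        # Escape after splitting so escapes never count toward the 255 bytes.
        escaped = chunk.replace("\\", "\\\\").replace('"', '\\"')
        quoted.append(f'"{escaped}"')
    return "( " + " ".join(quoted) + " )"


def join_txt_strings(chunks: list[str]) -> str:
    """Reassemble as a DKIM verifier does: concatenate with no separator."""
    return "".join(chunks)


def constructed_dkim_value(total_len: int = 410) -> str:
    """Constructed stand-in for a 2048-bit DKIM record, padded to total_len."""
    prefix = "v=DKIM1; k=rsa; p="
    return prefix + "A" * (total_len - len(prefix))


if __name__ == "__main__":
    value = constructed_dkim_value()
    chunks = split_txt_value(value)
    print([len(c) for c in chunks])
    # "mail" is a hypothetical selector name used only for illustration.
    print("mail._domainkey IN TXT", to_zone_rdata(chunks))
    print("round trip ok:", join_txt_strings(chunks) == value)
```

Whether a registrar's web form accepts several quoted strings in one TXT entry, or splits a long value itself, depends on that provider's DNS editor.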
Since this experience, I still have the low basic standards I mentioned at the beginning, but if I was so inclined, these should be the real absolute minimum features of a domain registrar:
May 24, 2022