> Domains should be delegated to services using a simple OAuth2 protocol
Maybe I'm missing something, but why not do this using simple DNS? Nameservers at the registrar, or nameservers at some simple DNS-only thing, and point hostnames to whatever you want at the moment.
The barrier to entry to using a domain name is way too high. Even just to use a domain with email you have to manually enter a bunch of DNS records. That should be a quick OAuth2 flow from your email provider that gives them a token they can use to set the records for you.