Speaking of registrars vs registries - I've noticed some companies have become their own registrar to improve their domain security (Cloudflare, Google, etc.). Is that a feasible path for smaller organizations? How much risk does that mitigate? It seems like it gives the organization control over more of the domain registration, which allows them to manage things better than a typical registrar might. But credentials can be compromised in either case.
Does anyone have any experience with that setup?