So what, exactly, happens the moment a person’s domain is unavailable, or is transferred to a new owner? Does the account show up as the non-human-readable ID until the account owner can verify the ID with another domain? Or what?
Services will cache the mapping and probably give the old mapping until the cache gets updated. On a failed mapping, I suppose it'll fall back to the DID like you say unless we cook up a better answer.
Note: DNS already has a cache invalidation mechanism in the TTL of the DNS record. I think you’d be well advised to simply use that; i.e. just look up the domain every time, and let the DNS TTL be your caching mechanism for domain lookups.
(You’d also probably better make sure your DNS resolver uses DNSSEC validation, and that your DNS resolving code path requests it by default.)
