It depends on your specific tension but if we take a look at the domain definition in the constitution:
- 1.1 (b) one or more “Domains”, which are things the Role may exclusively control and regulate as its property, on behalf of the Organization.
My interpretation would be that it can only be an entire property, not constraint by any specific situation.
Thus, I would go with your second proposal.
Does it make sense?
I don't think you could delegate the domain + define a policy at the circle level (in governance mtg) saying anyone could use it outside of disaster recovery plan because of section 2.1.3
2.1.3 Delegation of Control
When a Circle defines a Domain upon one of its Roles, the Circle’s authority to impact, control, and regulate that Domain is instead delegated to that Role and removed from the Circle.
However, the Circle retains the right to amend or remove that Domain delegation, or to define or modify Policies that further grant or constrain the Role’s authority within the Domain.
By default, any Domains delegated in this way exclude the authority to dispose of the Domain itself or any significant assets within the Domain, or to transfer those assets outside of the Circle, or to significantly limit any rights of the Circle to the Domain. A Circle may delegate these retained authorities as well, by explicitly granting the desired permissions in a Policy of the Circle.
In any case, all Domain delegations are always limited to whatever authority the Circle itself had in the first place.
What do you think?