[dns-operations] Adding CNAME for the root domain issue

Matthew Pounsett matt at conundrum.com
Wed Apr 27 18:07:21 UTC 2016


On 27 April 2016 at 10:54, Andrew Boling <aboling at gmail.com> wrote:

> On Wed, Apr 27, 2016 at 12:29 PM, Matthew Pounsett <matt at conundrum.com>
> wrote:
>>
>>
>> What Cloudflare is doing with their CNAME flattening service is quite
>> good, but that document is a terrible marketing representation of what is
>> an excellent technical implementation if a kludge we all have to live with.
>>
>>
> Precisely. What Cloudflare has been doing the past few years is not a
> CNAME as described by any RFC on the standards track. It's a synthetic
> behavior reminiscent of "ALIAS", "ANAME", etc.
>

Right.  But, they used to actually do CNAME at apex, and the subtext of
that document is "this would have worked great if only people played
along.  But they didn't, so we had to do this other thing."  That
contributes to the idea that CNAME at apex shouldn't be a problem.


>
>
> https://support.cloudflare.com/hc/en-us/articles/200169056-CNAME-Flattening-RFC-compliant-support-for-CNAME-at-the-root
>
> I don't have a problem with companies providing "fake" record types that
> implement record synthesis. I have an immense problem with such behaviors
> being associated with an existing record type, creating a false impression
> that records can exist in places where they have never been legal. The
> confusion it creates is anything but trivial, and I've already had one web
> hosting company try to convince me that apex CNAMEs aren't forbidden by the
> standards because "their DNS servers support it".
>
>
> http://serverfault.com/questions/613829/why-cant-a-cname-record-be-used-at-the-apex-aka-root-of-a-domain
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20160427/7d0191d0/attachment.html>


More information about the dns-operations mailing list