Re: [DNSOP] Any website publishers who use CDNs on the list?

Måns Nilsson <> Fri, 02 November 2018 12:11 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 80BC51274D0 for <>; Fri, 2 Nov 2018 05:11:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -3.221
X-Spam-Status: No, score=-3.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FROM_EXCESS_BASE64=0.979, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id iDX0RLghSPaT for <>; Fri, 2 Nov 2018 05:11:11 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id E5DC4124C04 for <>; Fri, 2 Nov 2018 05:11:10 -0700 (PDT)
Received: by (Postfix, from userid 1004) id B1ABF9E44; Fri, 2 Nov 2018 13:11:08 +0100 (CET)
Date: Fri, 02 Nov 2018 13:11:08 +0100
From: Måns Nilsson <>
To: Dan York <>
Cc: " WG" <>
Message-ID: <>
References: <>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha1"; protocol="application/pgp-signature"; boundary="Qrgsu6vtpU/OV/zm"
Content-Disposition: inline
In-Reply-To: <>
X-Clacks-Overhead: "GNU Sir Terry Pratchett"
X-Purpose: More of everything NOW!
X-happyness: Life is good.
User-Agent: Mutt/1.7.2 (2016-11-26)
Archived-At: <>
Subject: Re: [DNSOP] Any website publishers who use CDNs on the list?
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 02 Nov 2018 12:11:14 -0000

Subject: [DNSOP] Any website publishers who use CDNs on the list? Date: Fri, Nov 02, 2018 at 10:57:33AM +0000 Quoting Dan York (
> DNSOP subscribers,
> Are there any other publishers of websites on this list who use CDNs in front of their sites - and who are interested in the whole “CNAME at apex” issue?

I am employed by an organisation who does this. 

I strongly oppose any work being done to slacken the restrictions around
CNAMES.  At least in order to bodge together a fix for the "CDN problem".

I would much much rather see RFC 7553 URI support.  

A little quote from the applicability statement in 7553: 

   In general, it is expected that URI records will be used by clients
   for applications where the relevant protocol to be used is known,
   but, for example, an extra abstraction is needed in order to separate
   a domain name from a point of service (as addressed by the URI).  One
   example of such a situation is when an organization has many domain
   names but only one official web page.

		(my underlining)

But, I am certain that the fine disillusion^W^Wrealists in the hosting
world will tell me that some DNS-frontend software does not support
anything but CNAME, so CNAME it is.  And we'll do the entire shouting
game that we had around SRV/TXT once again.

Typ^W^WApex-squatting for fun and profit. 
Måns Nilsson     primary/secondary/besserwisser/machina
MN-1334-RIPE           SA0XLR            +46 705 989668
Used staples are good with SOY SAUCE!