> >> Cannes themselves are not dangerous, however when being used for the > >> "root" of a domain is _usually_ a bad idea just for the reasons you > >> mentioned below. > > > > You seem to have a rather over-extented sense of entitlement towards > > telling me that I'm doing it wrong. I hope it makes you feel really > > good. > > > > Joshua Smith did not tell you that you are doing it wrong. He pointed > out that CNAMEs are not _always_ a bad thing in general, which was in > response to someone else who seemed to imply they were. He also was > saying browsers do wrong by trying www automatically when the apex > doesn't resolve. He made no comment with respect to the openbsd.org > domain configuration or "operational things".
I was reporting (and trying to fix) security holes in libc's CNAME handling back in 1989, so I know. Please don't do that lecturing thing.