On Wed, May 19, 2010 at 4:28 PM, L. V. Lammert <l...@omnitec.net> wrote:
> > OTOH, *directing* the muddled masses to HIS machine [even if by mistake] > would give pause, would it not? Doesn't seem like a good policy security > to me, .. > > Lee > > Uhh. Security through Obscurity is no Security. Is http://sdfehwhwefwihefw.openbsd.org "more secure" for Theo's basement? Having it as the default "openbsd.org" isn't any "more or less" secure. It is only an issue of convenience for whoever uses "openbsd.org". Having run several large websites and e-commerce stores, I was taught to CNAME the www to the base domain, and route port 80 on the domain to the appropriate web server. (Store URLs get their own IP like store.openbsd.org, because they need SSL cert authority) However, OpenBSD is a project. openbsd.org = root of the project, The founder's basement www.openbsd.org = the Intarweb for the rest of us. Makes sense to me.
