Random   •   Archives   •   RSS   •   About   •   Contact

nosslsearch cname is a bad idea and solution


Google SafeSearch and SSL Search for Schools suggests implementing the following changes to the network:
To utilize the no SSL option for your network, configure the DNS entry for www.google.com to be a CNAME for nosslsearch.google.com.

Here are the reasons why this is a bad idea and solution:
  • In order to create a CNAME record for www.google.com we need to become an authoritative master of that zone.
  • If you become an authoritative master you need to host all of Google's DNS resource records for the domain.
  • Google is asking us to DNS poison it's flag ship product on our networks.
  • If other companies follow suit the internet will quickly become unmanageable. DNS was not ment to work this way.
  • Not all networks have a local DNS server

This is a bad idea. Please change your stance on this matter.

Reference: https://support.google.com/websearch/bin/answer.py?hl=en&answer=186669

Mon 26 March 2012

Tags: Opinion, Security



Want comments on your site?

Remarkbox — is a free SaaS comment service which embeds into your pages to keep the conversation in the same place as your contentr. It works everywhere, even static HTML sites like this one!

Remarks: nosslsearch cname is a bad idea and solution

© Russell Ballestrini.