nosslsearch cname is a bad idea and solution


Google SafeSearch and SSL Search for Schools suggests implementing the following changes to the network:
To utilize the no SSL option for your network, configure the DNS entry for www.google.com to be a CNAME for nosslsearch.google.com.

Here are the reasons why this is a bad idea and solution:
  • In order to create a CNAME record for www.google.com we need to become an authoritative master of that zone.
  • If you become an authoritative master you need to host all of Google’s DNS resource records for the domain.
  • Google is asking us to DNS poison it’s flag ship product on our networks.
  • If other companies follow suit the internet will quickly become unmanageable. DNS was not ment to work this way.
  • Not all networks have a local DNS server

This is a bad idea. Please change your stance on this matter.

Reference: http://support.google.com/websearch/bin/answer.py?hl=en&answer=186669

One thought on “nosslsearch cname is a bad idea and solution

Leave a Reply

Your email address will not be published. Required fields are marked *