WWW & Root Record



Vertex records

A vertex record is a DNS record located at the root (or apex) of a DNS zone. For example, in the DNS zone airbnb.com, the apex record also has the fully qualified name airbnb.com, which is called the bare domain. By convention, the relative name @ is used for vertex records.

Practical experience

Vertex records & CNAMEs

According to RFC 1034, section 3.6.2, adding a CNAME to a vertex record is not recommended; configure an A record directly instead. The RFC says that a name with a CNAME record should carry no other data, and the vertex always carries the zone's SOA and NS records. W3C’s authoritative DNS service will report an error if you add a CNAME directly to a vertex record.

The main reason is that if you add a CNAME at the airbnb.com vertex record pointing to facebook.com, airbnb.com becomes an alias for facebook.com. The first time you visit airbnb.com, facebook.com is recorded in your local cache, and the next time you visit airbnb.com, you access facebook.com directly from that cache.

The alias also applies to the MX (Mail eXchange) record, which means that sending mail to airbnb.com is equivalent to sending mail to facebook.com. If you send an email first and only then visit the web page, the email goes to airbnb.com, because the CNAME is not yet cached locally.

The intended behaviour would be that visiting the airbnb.com page reaches facebook.com while email is still sent to airbnb.com. Adding a CNAME to a vertex record therefore causes problems with the mail service.

Of course, DNS services like AWS, Azure, and Aliyun allow adding CNAMEs to vertex records, because they use the CloudFlare-based approach.

The CloudFlare approach is to recursively resolve the configured CNAME and convert it to an A record.
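The resolve-and-convert step described above, sketched as an added example (not code from this page or from any DNS provider). The record table, the example.* names, the 192.0.2.x addresses, the flatten_to setting and the chain limit are all constructed placeholders.

```python
# Constructed records: name -> {record type: [values]}. Placeholders only.
RECORDS = {
    "target.example.net.": {"CNAME": ["edge.example.org."]},
    "edge.example.org.": {"A": ["192.0.2.10", "192.0.2.11"]},
    "loop-a.example.net.": {"CNAME": ["loop-b.example.net."]},
    "loop-b.example.net.": {"CNAME": ["loop-a.example.net."]},
}
# The apex keeps its own MX data, so a literal CNAME cannot live here.
APEX = {
    "name": "example.com.",
    "MX": ["10 mail.example.com."],
    "flatten_to": "target.example.net.",  # hypothetical provider-side setting
}
MAX_CHAIN = 8  # assumed limit on CNAME chain length


def flatten(target, records=RECORDS, max_chain=MAX_CHAIN):
    """Follow CNAMEs starting at target and return the final A values."""
    seen = set()
    name = target
    while True:
        if name in seen:
            raise ValueError(f"CNAME loop at {name}")
        if len(seen) >= max_chain:
            raise ValueError("CNAME chain too long")
        seen.add(name)
        rrset = records.get(name)
        if rrset is None:
            raise LookupError(f"no data for {name}")
        if "CNAME" in rrset:
            name = rrset["CNAME"][0]  # keep following the alias
            continue
        if "A" in rrset:
            return list(rrset["A"])
        raise LookupError(f"{name} has no A record")


def answer_apex(qtype, apex=APEX):
    """A answers are synthesized from the target; other types are untouched."""
    if qtype == "A":
        return flatten(apex["flatten_to"])
    return list(apex.get(qtype, []))


if __name__ == "__main__":
    print("A :", answer_apex("A"))
    print("MX:", answer_apex("MX"))
```

Because clients only ever see A records at the apex, the MX answer stays the zone's own, which avoids the mail problem described earlier.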

A normal configuration of the vertex record together with the WWW record is:

airbnb.com        A
www.airbnb.com  CNAME airbnb.com

Browser access characteristics

Browsers auto-complete the address and query different DNS records depending on the specific input.

https://airbnb.com      => airbnb.com
https://www.airbnb.com  => www.airbnb.com
airbnb.com              => www.airbnb.com
www.airbnb.com          => www.airbnb.com

TLS certificates

A WWW resolution record can be considered a subdomain of the vertex record: zh.airbnb.com and www.airbnb.com are equivalent in DNS. So the TLS certificate used by zh.airbnb.com and www.airbnb.com is *.alipay.com, while the TLS certificate used by airbnb.com is alipay.com.

www.airbnb.com      => *.alipay.com
airbnb.com          => alipay.com