Are you using A records in a domain you own and pointing at their IPs? I'm not aware of any security vulnerability exploiting A vs CNAME. If they are hosting on a domain they own vs one you own, the use of a CNAME would allow them to change the A record IP without less impact to you, it would also allow them to remove the A record and effectively stop traffic targeting the host via a resolved IP.
On Fri, Nov 6, 2020, 4:08 AM Dovid Bender <do...@telecurve.com> wrote: > Hi, > > Sorry if this is a bit OT. Recently several different vendors (in > completely different fields) where they white label for us asked us to > remove A records that we have going to them and replace them with CNAME > records. Is there anything *going around* in the security aranea that has > caused this? >
