I don't get your first point. CDNs are about content distribution, not load balancing. And you can already add multiple web servers to your A/AAAA record, that is still available to regular people. I believe different DNS providers even shuffle the order of the result to get clients to change up their connections
The different port thing is something that won't ever happen because the big players in the industry are petrified of the "middlebox bogeyman" and they won't allow any changes to web infrastructure that would make their jobs difficult, even if it would work fine for everyone else. We are doomed to use 443 for eternity.
We could just change the DNS spec to stop the apex madness. I don't know why nobody ever did, other than keeping the status quo.
> We could just change the DNS spec to stop the apex madness. I don't know why nobody ever did
If you mean changing how CNAME works, that can't be done in a backwards compatible way. If you mean adding a new record type, well that is exactly what this RFC does. There have been previous attempts to make RFCs that fix the apex problem, but this is the only one to get beyond a draft. I do think it is odd that it was grouped together with a bunch of other functionality instead of having a dedicated ANAME record type.
I don't know why it took so long to fix the apex problem.
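The record type the reply refers to, as an added example that is not part of the thread: assuming the RFC under discussion is RFC 9460 (SVCB/HTTPS resource records), this Python parser decodes the HTTPS RDATA wire format and shows an AliasMode record (priority 0, usable at a zone apex where a CNAME cannot be) next to a ServiceMode record carrying the alpn and port parameters that the "different port" remark is about. The two sample records and the SvcParamKey numbers are constructed here from the RFC text, not taken from the thread.

```python
import struct

# SvcParamKey numbers as registered by RFC 9460 (assumed; not from the thread).
SVCPARAM_KEYS = {1: "alpn", 3: "port", 4: "ipv4hint", 6: "ipv6hint"}

def _read_name(buf, off):
    """Decode an uncompressed wire-format DNS name; "." encodes as a single 0."""
    labels = []
    while True:
        n = buf[off]
        off += 1
        if n == 0:
            break
        labels.append(buf[off:off + n].decode("ascii"))
        off += n
    return ".".join(labels) + ".", off

def parse_https_rdata(rdata):
    """Parse HTTPS/SVCB RDATA: SvcPriority, TargetName, then SvcParams (key, len, value)."""
    priority = struct.unpack("!H", rdata[:2])[0]
    target, off = _read_name(rdata, 2)
    params = {}
    while off < len(rdata):
        key, length = struct.unpack("!HH", rdata[off:off + 4])
        off += 4
        if off + length > len(rdata):
            raise ValueError("truncated SvcParam value")  # reject malformed records
        value = rdata[off:off + length]
        off += length
        name = SVCPARAM_KEYS.get(key, f"key{key}")
        if name == "alpn":          # list of length-prefixed protocol ids
            alpns, i = [], 0
            while i < len(value):
                alpns.append(value[i + 1:i + 1 + value[i]].decode("ascii"))
                i += 1 + value[i]
            params[name] = alpns
        elif name == "port":        # alternative TCP port, so 443 is not forced
            params[name] = struct.unpack("!H", value)[0]
        else:
            params[name] = value    # hints and unknown keys left raw
    return {"mode": "alias" if priority == 0 else "service",
            "priority": priority, "target": target, "params": params}

# Constructed sample 1: AliasMode at the apex, pointing example.com at a CDN name.
APEX_ALIAS_RDATA = b"\x00\x00" + b"\x03cdn\x07example\x03net\x00"
# Constructed sample 2: ServiceMode, target "." (the owner name), alpn=h2,http/1.1, port=8443.
SERVICE_RDATA = (b"\x00\x01" + b"\x00"
                 + b"\x00\x01\x00\x0c" + b"\x02h2\x08http/1.1"
                 + b"\x00\x03\x00\x02" + b"\x20\xfb")
```

A resolver following an AliasMode record substitutes the target name and re-queries; a client reading the ServiceMode record connects to the owner name on the advertised port with one of the listed ALPN protocols.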
> CDNs are about content distribution, not load balancing.
For you, maybe, but many people use a CDN and related services as a form of protection from web server overload.
> We are doomed to use 443 for eternity.
Do you write your applications for Win32? There have been many such proclamations made in the past, and they have all, slowly but surely, mostly gone away. Just try to browse the web using a really old browser or operating system. You can’t do anything, since most web sites require TLS1.0 or later.
> We could just change the DNS spec to stop the apex madness.