[tor-bugs] #31718 [Internal Services/Tor Sysadmin Team]: Update DNS records for .ooni.torproject.org domains
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Sep 16 11:08:23 UTC 2019
#31718: Update DNS records for .ooni.torproject.org domains
-------------------------------------------------+---------------------
Reporter: hellais | Owner: tpa
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Internal Services/Tor Sysadmin Team | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+---------------------
Comment (by hellais):
Currently this is already happening though, `explorer.ooni.torproject.org`
being a CNAME to `explorer.ooni.io`, I mistakenly thought this was not
currently the case when opening the ticket, but this is already happening
and no change is necessary on this front.
It was done this way specifically to make it easier for us to more
independently handle how we serve requests to users hitting out website
from the various domains that were distributed.
The website `ooni.org` & `ooni.io` & `ooni.torproject.org` is still
running on tpo infrastructure, but we would like to change that to reduce
the complexity of having something hosted on system where people need LDAP
access to administer it.
Our preference would be that we setup a CNAME record for
`ooni.torproject.org` that points to `ooni.io` or `ooni.org` so that we
are able to on our own setup a redirect, if desirable, or handle the
requests directly by keeping the `ooni.torproject.org` domain (we probably
will do this in the beginning).
> would be to run a tiny webserver as the .torproject.org site, which
sends an http-level redirect to the external site?
> hellais, do you want an actual CNAME (ie. that the user doesn't know
they get redirected to ooni) or a redirect (that the user *does* end up on
ooni.io)?
It would be preferable if we could get a CNAME record, so that we can
manage how redirects are handled autonomously.
> is this domain used by non-HTTP clients?
It's the domain used for our primary website. We don't make any assumption
as to what type of client is going to access it. I suppose most modern
browsers will do HTTPS.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31718#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list