Add Cloudflare CNAME setup domains

[kerolasa]

Main motivation is web browser cookie hijack preventation.

Documentation: https://developers.cloudflare.com/dns/zone-setups/partial-setup/setup/ Cloudflare reference: DNS-10787 Signed-off-by: Sami Kerola kerolasa@cloudflare.com

[dnsguru]

Noting: I verified this was submitted by cloudflare via direct contact

[dnsguru]

@kerolasa can't process this until you get the _PSL txt records up - this would have been merged by now had this been in place, but has to wait to next review cycle now.

[kerolasa]

Sorry for the delay. I am sorting out the DNS records, that require some internal paperwork to go through review before they can be added.

[simon-friedberger]

@kerolasa Any updates?

[kerolasa]

Because magical handling of these domains I had to make a software fix, get it deployed, and now I am waiting for review process to add the necessary TXT records. Hopefully we should be done with this sometime soon. Let me try to speed up the process today.

[dnsguru]

thanks @kerolasa ! This step is really crucial - it ensures the integrity of the PSL being trusted and also keeps third parties from submitting things that can disrupt others.

[kerolasa]

Hello, the TXT records are finally available.

for i in cloudflare{,anycast,cn,global}; do host -t txt _psl.cdn.$i.net.; done
host -t txt _psl.cloudflare.net.

[dnsguru]

for i in cloudflare{,anycast,cn,global}; do host -t txt _psl.cdn.$i.net.; done
_psl.cdn.cloudflare.net descriptive text "https://github.com/publicsuffix/list/pull/1963"
_psl.cdn.cloudflareanycast.net descriptive text "https://github.com/publicsuffix/list/pull/1963"
_psl.cdn.cloudflarecn.net descriptive text "https://github.com/publicsuffix/list/pull/1963"
_psl.cdn.cloudflareglobal.net descriptive text "https://github.com/publicsuffix/list/pull/1963"

LGTM