Closed judu closed 3 months ago
Hi @judu! I'm not sure what happened here. Did you change the PR template? Was something wrong with it? There should be 10 "tasks" (checkboxes).
Hi @simon-friedberger I removed some comments so it would be easier to re-read myself before sending the PR. I may have removed too much by mistake. Let me check it again and put back the missing ones! :pray:
EDIT: Done.
Hum, I thought that having owned these domains for at least 7 years was enough. I'll fix that.
Fixed the sorting.
Expiration is fixed.
Hum, I thought that having owned these domains for at least 7 years was enough. I'll fix that.
Hear you on that. We found that many registries omit the creation date more frequently than the expiry date, so this fuzzed the benefit of domain age in the process.
We end up with requestors sometimes skuttling their plans or ghosting their project that they had requested an entry for, whcih creates a debris field in the PSL, so we hope to see the longer future term as a signal of the commitment of the project requesting the entry being stable.
The practical reason for the 2+y rule is related to the future of the domain name and it remaining registered and active.
Checklist of required steps
Submitter affirms the following:
For Private section requests that are submitting entries for domains that match their organization website's primary domain, please understand that this can have impacts that may not match the desired outcome and take a long time to rollback, if at all.
To ensure that requested changes are entirely intentional, make sure that you read the affectation and propagation expectations, that you understand them, and confirm this understanding.
PR Rollbacks have lower priority, and the volunteers are unable to control when or if browsers or other parties using the PSL will refresh or update.
(Link: about propagation/expectations)
[x] Yes, I understand. I could break my organization's website cookies etc. and the rollback timing, etc is acceptable. Proceed.
Description of Organization
Clever Cloud provides hosting services. (see https://www.clever-cloud.com/) As part of hosting, Clever Cloud provides the privately-owned
cleverapps.cc
andcleverapps.tech
domains for dev purposes. Customers can use a subdomain ofcleverapps.cc
andcleverapps.tech
for free. These domains records are managed by Clever Cloud and will point towards our own infrastructure.The same happens for some domains in
*.services.clever-cloud.com
, which we use to offer object storage services, like:cellar-c2.services.clever-cloud.com
cellar-fr-north-hds-c1.services.clever-cloud.com
cellar-fr-north-c1.services.clever-cloud.com
Clever Cloud also provides services using a uniquely generated domain under some subdomains, like:
grafana.services.clever-cloud.com
services.clever-cloud.com
Reason for PSL Inclusion
This is a follow-up for https://github.com/publicsuffix/list/pull/634
All subdomains of
cleverapps.tech
,cleverapps.cc
and*.services.clever-cloud.com
are considered mutually-untrusting parties/clients. Since the domains can be used "for free", we need to protect against cookie-sharing attacks and being reported to security databases when bad users use them for fraudulent purposes. (We have active detection processes and automated responses to phishing reports from security companies, but it's an ever evolving game.)As such we request that it is added to the private section of the Public Suffix List.
Number of users this request is being made to serve: around 150k at the moment.
DNS Verification via dig
Results of Syntax Checker (
make test
)