Add Craft Docs Domain

[zsbee]

Public Suffix List (PSL) Pull Request (PR) Template

Each PSL PR needs to have a description, rationale, indication of DNS validation and syntax checking, as well as a number of acknowledgements from the submitter. This template must be included with each PR, and the submitting party MUST provide responses to all of the elements in order to be considered.

Checklist of required steps

• [x] Description of Organization
• [x] Robust Reason for PSL Inclusion
• [x] DNS verification via dig
• [x] Run Syntax Checker (make test)
• [x] Each domain listed in the PRIVATE section has and shall maintain at least two years remaining on registration, and we shall keep the _PSL txt record in place in the respective zone(s) in the affected section

Submitter affirms the following:

• [x] This request was not submitted with the objective of working around other third-party limits

• [x] The Guidelines were carefully read and understood, and this request conforms
• [x] The submission follows the guidelines on formatting and sorting

---

For Private section requests that are submitting entries for domains that match their organization website's primary domain, please understand that this can have impacts that may not match the desired outcome and take a long time to rollback, if at all.

To ensure that requested changes are entirely intentional, make sure that you read the affectation and propagation expectations, that you understand them, and confirm this understanding.

PR Rollbacks have lower priority, and the volunteers are unable to control when or if browsers or other parties using the PSL will refresh or update.

(Link: about propagation/expectations)

• [x] Yes, I understand. I could break my organization's website cookies etc. and the rollback timing, etc is acceptable. Proceed.

Description of Organization

Docs is an integrated workspace designed for individual consumers, small teams or businesses, offering a suite of tools for documentation, task management, and collaboration. Typically, users can create and modify page content, which can be kept private or effortlessly shared with others within their organization.

Craft Docs is a product that allows users to "publish" (Read-Only) and also "Share" (Google Docs style editing) their pages or documents to the broader web, essentially creating a website without any coding required. Each user can publish pages under their own unique *.craft.me domain or choose a custom one themselves , e.g. Example User might publish https://zsombor-personal.craft.me/ or share with editing permissions like this: https://s.craft.me/HS2ul20nrQXsfB

I am a a staff engineer in the Stability Team at Craft, my work is accross developer teams and I do lots of issue investigations including phishing/security related problems.

Organization Website: https://www.craft.do/

Reason for PSL Inclusion

We'd like craft.me domains to be on the PSL in order to:

• Avoid domain reputation from a.craft.me affecting that of b.craft.me, given that a and b are distinct content creators. This also seems to be best practice, given that similar site hosting platforms have entries in the PSL. Our craft.me domain expires in 2028-08-13 Number of users this request is being made to serve: The proposed changes are expected to impact all customers of Craft users or potential users (who have been received a pulished craft document). Specific user counts for the product usage are not publicly available.

DNS Verification via dig

Results of Syntax Checker (make test)

[groundcat]

• The domain craft.me expires on 2028-08-13T19:02:50Z (WHOIS Server: whois.nic.me), which is more than 2 years from now.
• The _psl record resolves to the valid value.
• The sorting looks correct to me.
• The organization’s website, https://www.craft.do/, showcases Craft Docs products, which match the description in this pull request. Using Google site:craft.me, I discovered several subdomains of craft.me; I spot-checked a few of them, which appear to belong to different users. This aligns with the described need to include this in the PSL for isolation and security reasons. (Similar to #1958)
• Under the "Submitter affirms the following" section about third-party limits, you have listed both Cloudflare and Let's Encrypt. If you are trying to bypass limitations imposed by Cloudflare and Let's Encrypt, you should contact them, as per the guidelines linked here: Validation and Non-Acceptance Factors. If you are not attempting to bypass these limitations (which is likely your case), you should remove those entries. It appears that craft.me itself and all subdomains (*.craft.me) have already been using Cloudflare's CDN. From the user sites I spot-checked, there is only one valid SSL certificate issued to craft.me, which means all users probably share craft.me's Cloudflare-managed SSL certificate issued to craft.me and *.craft.me. So, I'm guessing that you are not seeking to bypass third-party limits.

[zsbee]

Thank you, removed those lines, we indeed do not seek to attempt to bypass any limitations

[simon-friedberger]

• [x] Expiration (Note: Must STAY >2y at all times)
  • [x] craft.me expires 2028-08-13
• [x] DNS _psl entries (Note: Must STAY in place)
• [x] Tests pass
• [x] Sorting
• [x] Reasoning/Organization description

TY @groundcat !

[zsbee]

TY! do you need me to fix the conflict?