Update Rad Web Hosting Domains section - add myradweb.net, servername.us #1760
Conversation
* [x] Description of Organization * [x] Reason for PSL Inclusion * [x] DNS verification via dig * [x] Run Syntax Checker (make test) * [x] Each domain listed in the PRIVATE section has and shall maintain at least two years remaining on registration. Description of Organization ==== Organization Website: https://radwebhosting.com My name is Scott Claeys, I am a network engineer, and I represent Rad Web Hosting. Rad Web Hosting provides web hosting and servers to users around the globe. Reason for PSL Inclusion ==== User (third-party) content is served from subdomains of myradweb.net and servername.us. Adding this domain to the PSL will stymie cookie stuffing attacks across these subdomains. The registration term for myradweb.net and servername.us is greater than 2 years in the future, and it will be extended automatically in advance of expiration. ``` % whois myradweb.net | grep "Registry Expiry" Registry Expiry Date: 2023-07-28T09:23:41Z % whois myradweb.net | grep "Registry Expiry" Registry Expiry Date: 2023-07-28T09:23:41Z ``` DNS Verification via dig ======= ``` dig +short TXT _psl.myradweb.net "publicsuffix#1219" dig +short TXT _psl.servername.us "publicsuffix#1219" ``` make test ========= Test run successfully
|
Confirmed |
sclaeys
changed the title
|
Please let us know of any further requirements for inclusion. |
|
Seems good! |
|
Is there anyone with write access who can check this PR? Very urgent. |
|
It appears the request template was never completed, listing rationale and number of users etc. Complete requests are helpful for the unpaid reviewers who volunteer their time on this project as they process through the queue of PR. Recommemd to complete request and also read the guidelines - especially about propogation timing - to ensure all expectations are aligned with the project resourcing. |
sclaeys
changed the title
Please check the updated comment |
|
@dnsguru Would this be more suitable? |
|
Nice 👍 |
simon-friedberger
added
✔️DNS _psl Validated
|
👀 |
I'm not sure how you're going to solve how browsers set cookies internally. Anyway, if you really don't need it pls remove it from the PR description. |
If you’re referencing the fourth level domains, this will actually be solved internally. Note that all we need is the second level names added. Apologies if this was unclear. |
|
Also, the template had 10 tasks. Please put them all back and complete them. |
|
cleaned |
|
Could you please update the top comment instead of adding more? |
Yes, good thoughts. I've made the recommended changes. |
|
Looks good 👍 |
We've reviewed and replaced this omission. Please follow up if you spot any other errors. |
|
According to what I can find from https://github.com/publicsuffix/list/actions/runs/6877814303/job/18706150168?pr=1760 this seems good to go |
Merge with psl
|
simon-friedberger
added
❌FAIL - DNS VALIDATION
Hello, not quite sure why the DNS _psl entry for myradweb.net wasn't available, but it's been in place since May 13, 2023. Regarding cloudsite.builders, the expiration has been fixed and is now 2026-07-28.
|
Add cprapid.com suffix to private section (publicsuffix#1892)
simon-friedberger
added
✔️DNS _psl Validated
simon-friedberger
added
the
r=simon-friedberger
|
@dnsguru, what's the best way forward? |
|
Hello @sclaeys I have noticed that the domain Additionally, the WHOIS records indicate that the domain's expiration is less than two years from now. To maintain your inclusion in the PSL, please ensure that your domain is renewed for more than two years at all times. If we do not receive a response within 30 days, your entry may be subject to removal. Thank you. #1119 Email sent |
Checklist of required steps
Organization Website: https://radwebhosting.com
My name is Scott Claeys, I am a network engineer, and I represent Rad Web Hosting.
Rad Web Hosting provides web hosting and servers to users around the globe.
Rad Web Hosting offers clients the ability to reserve unclaimed subdomains of *.myradweb.net for the purpose of staging incoming site migrations, viewing site updates in the wild, or for creation of webspaces to host websites and applications without registering a paid domain name.
We need to isolate them from one another (eg: we don't want client1.myradweb.net to be able to set a cookie readable from client2.myradweb.net).
Same applies for region specific endpoints. client1.uscp.myradweb.net should not be able to set cookies readable from bob-client2.uscp.myradweb.net site.
Number of users this request is being made to serve: Currently some hundreds are already using the service, but it is estimated to increase to thousands as our clients are continuously finding new creative use-cases for use of these "staging" domains.
Rad Web Hosting automatically generates unique hostnames for every cloud instance deployed that utilizes the *.servername.us second-level domain. These hostnames also provide access to a DNS zone which can be modified and customized by client.
We need to isolate them from one another (eg: we don't want client1.servername.us to be able to set a cookie readable from client2.servername.us).
Same applies for region specific endpoints. client1.us.servername.us should not be able to set cookies readable from bob-client2.us.servername.us site.
Number of users this request is being made to serve: Currently, this system is supporting hundreds of instances.
[ x] Run Syntax Checker (make test)
Test run successfully
[x ] Each domain listed in the PRIVATE section has and shall maintain at least two years remaining on registration, and we shall keep the _PSL txt record in place in the respective zone(s) in the affected section
Submitter affirms the following:
For Private section requests that are submitting entries for domains that match their organization website's primary domain, please understand that this can have impacts that may not match the desired outcome and take a long time to rollback, if at all.
To ensure that requested changes are entirely intentional, make sure that you read the affectation and propagation expectations, that you understand them, and confirm this understanding.
PR Rollbacks have lower priority, and the volunteers are unable to control when or if browsers or other parties using the PSL will refresh or update.
(Link: about propagation/expectations)