Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add aiven.app to public suffix #2315

Merged
merged 2 commits into from
Dec 10, 2024
Merged

add aiven.app to public suffix #2315

merged 2 commits into from
Dec 10, 2024

Conversation

tmaher
Copy link
Contributor

@tmaher tmaher commented Dec 9, 2024
edited
Loading

Public Suffix List (PSL) Submission

Checklist of required steps

  • Description of Organization

  • Robust Reason for PSL Inclusion

  • DNS verification via dig

  • Each domain listed in the PRIVATE section has and shall maintain at least two years remaining on registration, and we shall keep the _psl TXT record in place in the respective zone(s).

Submitter affirms the following:

  • We are listing any third-party limits that we seek to work around in our rationale such as those between IOS 14.5+ and Facebook (see Issue #1245 as a well-documented example)

  • NONE

  • This request was not submitted with the objective of working around other third-party limits.
  • The submitter acknowledges that it is their responsibility to maintain the domains within their section. This includes removing names which are no longer used, retaining the _psl DNS entry, and responding to e-mails to the supplied address. Failure to maintain entries may result in removal of individual entries or the entire section.
  • The Guidelines were carefully read and understood, and this request conforms to them.
  • The submission follows the guidelines on formatting and sorting.
  • A role-based email address has been used and this inbox is actively monitored with a response time of no more than 30 days.

Abuse Contact:

For PRIVATE section requests that are submitting entries for domains that match their organization website's primary domain, please understand that this can have impacts that may not match the desired outcome and take a long time to rollback, if at all.

To ensure that requested changes are entirely intentional, make sure that you read the affectation and propagation expectations, that you understand them, and confirm this understanding.

PR Rollbacks have lower priority, and the volunteers are unable to control when or if browsers or other parties using the PSL will refresh or update.

(Link: about propagation/expectations)

  • Yes, I understand. I could break my organization's website cookies and cause other issues, and the rollback timing is acceptable. Proceed anyways.

Description of Organization

Organization Website: https://aiven.io/

Aiven is a database-as-a-service provider for open source data solutions. The company aims to simplify data storage and management in the cloud, allowing customers to deploy managed data services across multiple cloud platforms. I am a member of the security team.

Reason for PSL Inclusion

Note: My predecessor @etienne-aiven in #1508 added aivencloud.com . The reasons cited in that PR were...

Aiven deploys customer instances under the aivencloud.com domain, for example customer-pg-12x.a.aivencloud.com. Some of these services may expose a web interface which sets cookies. Inclusion in the PSL would allow for more secure cookie settings. We wish for each customer service to be treated as unique domain/site for all intents and purposes.

We are adding one additional DNS domain: aiven.app, which will also host customer applications. For example, customer Foo could create a browser-facing web service at https://foo.aiven.app/ and their competitor Bar could create and deploy https://bar.aiven.app/ . Inclusion in the PSL will prevent cookie stuffing attacks between Foo and Bar.

The existing domain added in #1508 (aivencloud.com) has been reviewed, and would like it to remain in the PSL. We will continue to retain the TXT record _psl.aivencloud.com and it continues to point at the PR that added it.

Note: My predecessor has left the company, hence the change in the comment line. The additional plus-address is to allow faster triage of reports.

Number of users this request is being made to serve: 50,000 users (ESTIMATE)

DNS Verification

thomas.maher@sapidus:~/src/list$ dig +short TXT _psl.aiven.app
"https://github.com/publicsuffix/list/pull/2315"

wdhdev
wdhdev reviewed Dec 9, 2024
View reviewed changes
public_suffix_list.dat Outdated
@@ -11282,7 +11282,8 @@ airkitapps-au.com
airkitapps.eu

// Aiven: https://aiven.io/
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// Aiven: https://aiven.io/
// Aiven : https://aiven.io/

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for catching - fixed.

@tmaher tmaher marked this pull request as ready for review December 9, 2024 22:43
@wdhdev
Copy link
Contributor

wdhdev commented Dec 9, 2024

  • Expiration (Note: Must STAY >2y at all times)
    • aiven.app expires 2029-04-05
  • DNS _psl entries (Note: Must STAY in place)
    • _psl.aiven.app
  • Sorting
  • Reasoning/Organization description
  • Non-personal email address

@simon-friedberger simon-friedberger merged commit 3fc7503 into publicsuffix:main Dec 10, 2024
2 checks passed
@tmaher tmaher mentioned this pull request Dec 11, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wdhdev wdhdev wdhdev left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tmaher @wdhdev @simon-friedberger