[tor-bugs] #31718 [Internal Services/Tor Sysadmin Team]: Update DNS records for .ooni.torproject.org domains
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Sep 16 15:01:14 UTC 2019
#31718: Update DNS records for .ooni.torproject.org domains
-------------------------------------------------+---------------------
Reporter: hellais | Owner: tpa
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Internal Services/Tor Sysadmin Team | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+---------------------
Comment (by anarcat):
i don't exactly know what the policy is regarding CNAMEs, to be honest. :)
the best source I know of is this:
https://help.torproject.org/tsa/doc/naming-scheme/
... which outlines the distinction between TPO (torproject.org) and TPN
(torproject.net) that weasel was refering to. The problem might not be
CNAMEs per se, but pointing to outside stuff.
Another thing is that CNAMEs are not a great way to move stuff around,
because they are transparent to clients. An web browser or crawler will
not treat a CNAME as "this is now hosted over there", it's just an alias.
For those kind of transitions, you want to do a HTTP redirect, that is
respond with a 301 (Moved Permanently) or 302 (Found) status code:
https://en.wikipedia.org/wiki/List_of_HTTP_status_codes#3xx_Redirection
Then we can deprecate the *.ooni.tpo namespace and eventually transition
to ooni.io cleanly.
This is why I was asking about non-HTTP (and non-HTTPS) clients: those
redirections will work only for HTTP clients. If you have people using
this over SSH or Git or whatever non-HTTP protocol, those would break of
course.
(Sorry if you already know all of this about HTTP status codes vs CNAMEs,
but I thought it was useful to get back to the specs to clarify my
thoughts.)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31718#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list