Linus,
The change to Cloudfare has been mentioned, for instance in the plenary. The
decision was taken by IAOC, with input from the tools committee, based on our
perception of the need to have a globally efficient access to IETF web content,
with ability to scale as needed, and with the kind of support that we need. And
obviously without having to build too much of it ourselves. Note that the
current setup involves static web content and not the data tracker.
See page 18 in for some measurements regarding the effects
http://www.ietf.org/proceedings/90/slides/slides-90-iesg-opsplenary-7.pdf and I
think at least I personally have found the impact significant.
I was not personally aware of the captcha operation nor have I ever seen it
while accessing the IETF web site from various places. But we can ask Ray to
investigate if there are different, more suitable settings. However, I’d note
that being able to deal with some dos attacks is actually a useful feature, and
it is not unthinkable for the IETF to be a target. So any defence tactic
inconvenience should be weighted against the risks and benefits.
Paul:
We
have contributors in countries where using tor to access IETF might
actually be a requirement.
That is interesting. Do you have details? Where?
Shumon:
I believe Jari Arrko mentioned at the last IETF that Cloudflare is working on
deploying DNSSEC. It would be good to know if they have a specific or
estimated timeline for that.
TLS, DNSSEC, IPv6, etc are very important to us. TLS and IPv6 obviously has
been there, and partially based on IETF request they are working on DNSSEC.
Stay tuned - the date that I heard earlier this year is approaching, but we can
again ask Ray to check the current situation.
Rhys and Brian:
A bug in CloudFlare’s stuff?
The only issue I've noticed since the site was CloudFlared (well before
IETF 90) is that sometimes the mirror in Sydney, AU is out of date
when files are updated. For example if you upload a new version of
something to the meeting materials manager, the old version is served
from Sydney for some length of time (less than one hour, I believe).
If we find a problem either with the IETF or Cloudfare setup - and test it to
be a real problem - please communicate with Ray to get it reported.
Jari
signature.asc
Description: Message signed with OpenPGP using GPGMail