On Sep 16, 2014, at 8:34 AM, Fred Baker (fred) <fred(_at_)cisco(_dot_)com>
wrote:
On Sep 16, 2014, at 4:52 AM, Linus Nordberg <linus+ietf(_at_)nordu(_dot_)net>
wrote:
It seems like www.ietf.org is behind CloudFlare:
...
This is sad because it's now not possible to visit the site without
accepting JavaScript. At least if you get selected for solving a
CAPTCHA. Tor users is one group of users who are selected.
I believe a client gets thrown to a CAPTCHA when the source IP address is
identified with a threat/attack of some sort in order to ensure there is a
human behind the client. In as much as sites behind Tor are used to originate
attacks, it isn’t too surprising that they get redirected to a CAPTCHA.
As for it being sad, I see it as a reasonable tradeoff in today’s Internet.
Is this permanent?
Few things in life are. I imagine if another company were to provide a better
deal/meet the IETF requirements for CDN services, the IETF would probably
switch.
Will it hit more domains than www?
Where can I read about the decision to hide www behind CloudFlare?
Thanks,
Linus
“hide”?
I think I might start by asking the IAD or the IAOC. I wasn’t involved, but
the use of a CDN is usually a business decision, and they are the folks who
make business decisions for the IETF. AMS has historically provided
redundancy for www.ietf.org by hosting it at two sites, one of which was a
secondary for the other. Just a guess, but it’s mine, Cloudflare probably
offered the IETF a deal in which the IETF got redundant dual stack service
and a good rate.
There is also
http://www.latimes.com/business/technology/la-fi-tn-cloudflare-free-https-20140808-story.html
Regards,
-drc
(full disclosure: I used to work for Cloudflare a few years ago)
signature.asc
Description: Message signed with OpenPGP using GPGMail