On Sep 16, 2014, at 8:34 AM, Fred Baker (fred) <fred@xxxxxxxxx> wrote: > On Sep 16, 2014, at 4:52 AM, Linus Nordberg <linus+ietf@xxxxxxxxx> wrote: >> It seems like www.ietf.org is behind CloudFlare: >> ... >> This is sad because it's now not possible to visit the site without >> accepting JavaScript. At least if you get selected for solving a >> CAPTCHA. Tor users is one group of users who are selected. I believe a client gets thrown to a CAPTCHA when the source IP address is identified with a threat/attack of some sort in order to ensure there is a human behind the client. In as much as sites behind Tor are used to originate attacks, it isn’t too surprising that they get redirected to a CAPTCHA. As for it being sad, I see it as a reasonable tradeoff in today’s Internet. >> Is this permanent? Few things in life are. I imagine if another company were to provide a better deal/meet the IETF requirements for CDN services, the IETF would probably switch. >> Will it hit more domains than www? >> Where can I read about the decision to hide www behind CloudFlare? >> >> Thanks, >> Linus > > “hide”? > > I think I might start by asking the IAD or the IAOC. I wasn’t involved, but the use of a CDN is usually a business decision, and they are the folks who make business decisions for the IETF. AMS has historically provided redundancy for www.ietf.org by hosting it at two sites, one of which was a secondary for the other. Just a guess, but it’s mine, Cloudflare probably offered the IETF a deal in which the IETF got redundant dual stack service and a good rate. There is also http://www.latimes.com/business/technology/la-fi-tn-cloudflare-free-https-20140808-story.html Regards, -drc (full disclosure: I used to work for Cloudflare a few years ago)
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail