Re: ietf.org unaccessible for Tor users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Jari Arkko <jari.arkko@xxxxxxxxx> wrote:
    > It is important that IETF documents are accessible via Tor. It is
    > important that whatever CAPTCHA's are being employed, they are
    > accessible to everyone. It is important that we at the IETF are able to
    > deal with DoS attacks.

These systems do not need to be the same system, do they?
I think we are talking about www.ietf.org, and not datatracker.

I think that most of www.ietf.org is static; that it could be rsync'ed, and
we could have instances (with different names) that aren't behind cloudflare
(but, which would be far more DDoS'able).

    > The question: Yui: I was under the (perhaps mistaken) assumption that
    > ietf.org is generally accessible to everyone in the usual way, but that
    > some blacklisted nodes will have to go through a CAPTCHA process before
    > being able to continue. Is this so, or is there an experience that says
    > nodes are blocked and there isn’t even a possibility to go through a
    > CAPTCHA? Or is the problem that there is a CAPTCHA but you do not feel
    > that it is done in a way that is appropriate? Does all this relate to
    > http or https traffic?

    > The observations:

    > o   I do not feel that contracted running of multiple copies of our
    > servers constitutes a man-in-the-middle arrangement.

    > o   I have asked the matter to be discussed in our IT/tools/IAOC
    > meetings, but I’ll note that we may not have any more magical answers
    > than what is already being discussed on the list.




--
Michael Richardson <mcr+IETF@xxxxxxxxxxxx>, Sandelman Software Works
 -= IPv6 IoT consulting =-



Attachment: signature.asc
Description: PGP signature


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]