zlacker

[parent] [thread] 5 comments
1. electr+(OP)[view] [source] 2023-08-02 14:39:01
Intransigent maintainers are such an irritating problem. Any time a maintainer has some strongly-held beliefs or goals that supersede their desire to serve users, you've got a ticking time bomb. When the two clash, they'll decline to serve users in order to serve their strongly-held belief instead. We see it time and time again.
replies(2): >>ninjag+Av >>whoopd+vB
2. ninjag+Av[view] [source] 2023-08-02 16:55:00
>>electr+(OP)
This case might not be one of an intransigent maintainers. Check out Stavros' note [1]

>>36971650

replies(1): >>electr+eL1
3. whoopd+vB[view] [source] 2023-08-02 17:20:52
>>electr+(OP)
Are you talking about Archive.is or Cloudflare?

Answer: "Yes."

replies(1): >>electr+aI1
◧◩
4. electr+aI1[view] [source] [discussion] 2023-08-02 21:49:13
>>whoopd+vB
I do believe both parties see the other this way.

Archive.is believes that Cloudflare can simply provide the full EDNS data, and they're technically right. But Cloudflare won't budge because they believe this is hostile to user privacy. I haven't heard a counterargument that Cloudflare is wrong about this.

Cloudflare believes that Archive.is can simply live without the EDNS data, and they're technically right. But Archive.is won't budge because they believe it prevents their abuse prevention techniques. They mention that owning their own AS would solve the problem but that's too expensive.[1]

Blame is in the eye of the beholder, but it seems to me that Archive.is should find alternative abuse prevention techniques like other websites do. Cloudflare has an argument based on privacy. Archive.is has an argument based on the proper solution being too expensive. The expense of running an AS is disputed in this HN thread.[2]

[1] >>36971650

[2] >>36977654

replies(1): >>nora-p+lU1
◧◩
5. electr+eL1[view] [source] [discussion] 2023-08-02 22:02:43
>>ninjag+Av
Indeed, they mention that the proper solution is to get their own AS but that it's too expensive (this is what other major websites do). Cloudflare argues that they are protecting user privacy by truncating the EDNS responses, and I believe it's commonly agreed that they're right that this move does so. Archive.is says explicitly that they want this because it's cheaper than an alternative that is available to them. The cost of running an AS is disputed elsewhere in this HN thread. To me it seems clear that Cloudflare has the moral upper hand.
◧◩◪
6. nora-p+lU1[view] [source] [discussion] 2023-08-02 22:46:57
>>electr+aI1
I don't think the "the proper solution" is possible in 2023, and it's not a matter of the size of the money pile.

Google and Facebook were examples of "the proper solutions".

The former is currently inaccessible from China, the latter from Russia.

Their "abuse prevention techniques" have failed.

Sacrificing only Cloudflare DNS users is a much lesser evil compared to outcome of "the proper solutions".

[go to top]