Follow

Dear IETF: Are you fucking kidding me?
To get an RFC .txt file I must allow Cloudflare and Google tracking?

Are you serious? This is wrong on all OSI layers!

@lanodan Thanks for sharing. I do have my local RFC backup as well. (Not really current though to be honest.)
Still… the IETF must not block users in any way. (“must not” to be interpreted as defined in RFC 2119.)

@MacLemon @lanodan The key words "MUST (BUT WE KNOW YOU WON'T)", "SHOULD CONSIDER", "REALLY SHOULD NOT", "OUGHT TO", "WOULD PROBABLY", "MAY WISH TO", "COULD", "POSSIBLE", and "MIGHT" in this document are to be interpreted as described in RFC 6919.

@M0YNG
I think it depends on from where you happen to exit. Try a new circuit with Ctrl+Shift+L
@MacLemon

@M0YNG still there would be cloudflare involved, it does not protect to from that, they just wouldn't know who is actually accessing the ressource.

@MacLemon
Just tried. No cloudflare, no captcha, just txt (also html). Both Torbrowser and direct without any extra allowance in uMatrix and nothing blocked. No other domain.

@erAck @MacLemon But who issued the certificate? If it's from Cloudflare, then – they do MITM as their business model, so you can't tell from the domain name.

@IceWolf

O=Starfield Technologies, Inc.
CN=Starfield Secure Certificate Authority - G2

@MacLemon

@erAck cloudflare usually uses the main domain, did you check the IP you connect to? Thy usually have the AAAA and A set to one of their IPs.

@Utzer

Ah true, https connects to 104.20.1.85 which is CLOUDFLARENET

dig www.ietf.org a
CNAME www.ietf.org.cdn.cloudflare.net.
IN A 104.20.1.85

@erAck @utzer Yeah, saw that! Unfortunately it doesn't help when connecting via HTTPS. I did an `openssl s_client -connect www.ietf.org -port 443` to it, ran lsof to see what it was connecting to, and it was the Cloudflare one.

@IceWolf

And without www. it's not.
Btw, using curl is more convenient:
curl -iIsSv ...

@Utzer

@erAck @utzer Oh, I did use the www one, didn't I! Derp, thanks. *facepaws*

@drwetter

Same 180s for the ietf.org (without www.) direct connection.

@IceWolf @Utzer

@MacLemon www.rfc-editor.org doesn't use cloudflare: rfc-editor.org/rfc/

But none the less a shitty thing to do from the ietf.

@MacLemon I just checked; ftp still works to that address.

(I think that is the only way I have ever read an rfc, to be honest. Well, no, I have read them via links - but always mirrored, I believe. I believe the only way I've gone to the ietf website was via ftp. Thus my concern: was my traditional method now not working? And, no, it still does.)

@MacLemon ... I never experienced that, and I don't see anything about Cloudflare or Google. These are the only two requests that page makes for me.
image.png

@laggard You may want to check to whose IPs that hostname resolves to…

@MacLemon b-but what if someone ddoses the IETF website? would be too much to expect them to have their own infrastructure to handle it

@epi I don't mind them using a CDN, but I do mind them blocking legitimate requests via their CDN.

@MacLemon you can download them over ftp too, so don't even bother with the http version if this happens to you.

ftp://ftp.ietf.org/rfc/
Sign in to participate in the conversation
chaos.social

chaos.social – a Fediverse instance for & by the Chaos community