Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

AWS Submissions to the Public Suffix List - Q4 2024 #2212

Draft
wants to merge 2 commits into
base: main
Choose a base branch
from

Conversation

james-not-really
Copy link

@james-not-really james-not-really commented Oct 14, 2024

This is a draft pull request used by AWS to aggregate submissions to the PSL.
It will be updated with details for specific features/services which will be included in this batch of submitted suffixes.


Public Suffix List (PSL) Pull Request (PR) Template

Each PSL PR needs to have a description, rationale, indication of DNS validation and syntax checking, as well as a number of acknowledgements from the submitter. This template must be included with each PR, and the submitting party MUST provide responses to all of the elements in order to be considered.

Checklist of required steps

  • Description of Organization

  • Robust Reason for PSL Inclusion

  • DNS verification via dig

  • Run Syntax Checker (make test)

  • Each domain listed in the PRIVATE section has and shall maintain at least two years remaining on registration, and we shall keep the _PSL txt record in place in the respective zone(s) in the affected section

Submitter affirms the following:

  • We are listing any third-party limits that we seek to work around in our rationale such as those between IOS 14.5+ and Facebook (see Issue #1245 as a well-documented example)
    AWS does not submit suffixes to the Public Suffix List to work around rate-limits of any third-party products or tooling.

  • This request was not submitted with the objective of working around other third-party limits
    Please see the Reason section below for objectives in this pull request.

  • The submitter acknowledges that it is their responsibility to maintain the domains within their section. This includes removing names which are no longer used, retaining the _psl DNS entry, responding to e-mails to the supplied address. Failure to maintain entries may result in removal of individual entries or the entire section.

  • The Guidelines were carefully read and understood, and this request conforms

  • The submission follows the guidelines on formatting and sorting

Abuse Contact:


For Private section requests that are submitting entries for domains that match their organization website's primary domain, please understand that this can have impacts that may not match the desired outcome and take a long time to rollback, if at all.

To ensure that requested changes are entirely intentional, make sure that you read the affectation and propagation expectations, that you understand them, and confirm this understanding.

PR Rollbacks have lower priority, and the volunteers are unable to control when or if browsers or other parties using the PSL will refresh or update.

(Link: about propagation/expectations)

  • Yes, I understand. I could break my organization's website cookies etc. and the rollback timing, etc is acceptable. Proceed.

Description of Organization

Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud, offering over 200 fully featured services from data centers globally.
More information about AWS is available on our website:
What is AWS?

Organization Website:
AWS Homepage

Reason for PSL Inclusion

These features/services have been identified by AWS Security and AWS service
teams as supporting different distinct customers/resources across shared
DNS suffixes. Adding these suffixes to the PSL is expected to improve the
security posture of customers using our services. This may include:

  • impact to the Same-Origin Policy in modern browsers (cookies + others)
  • representation of these domains to the CA/Browser Forum
  • any other use-cases of the PSL which may benefit from updated information about multi-tenant AWS services

Number of users this request is being made to serve:

These changes are expected to impact all customers using these AWS services.
This includes both AWS-internal and external customers. Specific user counts
for these listed features/services are not publicly available.

Services/Features in PR:

TBD - will be updated when list of features/services is finalized.

DNS Verification via dig

TBD - will be updated when list of features/services is finalized.

Results of Syntax Checker (make test)

TBD - will be updated when list of features/services is finalized.

Kin Ip Mong and others added 2 commits October 14, 2024 16:22
@wdhdev
Copy link
Contributor

wdhdev commented Oct 14, 2024

@james-not-really Can you please update your template to the latest one, you are missing one or two new things we require.

@james-not-really
Copy link
Author

wdhdev commented @james-not-really Can you please update your template to the latest one, you are missing one or two new things we require.

Thank you for pointing out that our template is out of date. We have updated both our draft pull request and our internal documentation to reflect the latest template prior to Amazon's quarterly submission.

@wdhdev
Copy link
Contributor

wdhdev commented Dec 11, 2024

Hi again @james-not-really just wanted to point out we no longer require the syntax checks in the PR template, you can remove them as well. Sorry for the updates regarding the template recently!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants