Hi all,
On 20/05/14 13:27, Silke Meyer wrote:
Hi again,
Indeed. Assuming WMDE isn't planning on not
having any web servers, their
existing web server for wikimedia.de can keep redirecting tools.wikimedia.de
to
toolserver.org. No changes necessary.
So okay, not making any change to the DNS entry is completely okay for
me. WMF ops then have to decide about the SSL certificate question.
keeping the
domain a CNAME just as is and considering it a deprecated
one at the WMF end makes the most sense to me. This way it is just a
legacy entry on WMDE side that never has to be touched again except for
eventual deletion. And on WMF side it will receive an invalid
certificate. So tools will not fail, but give a cert warning which
should hopefully trigger fixing URLs at the maintainers' at some point
in time. Also this solution does not need any special coordination of
certificates, A or MX-records and whatnot.
2cents
amette
If WMDE really
wants to remove them, they could point that subdomain to
WMF servers and have WMF do the redirect and simply don't provide an SSL
certificate. E.g. WMF would use a self-signed certificate or an invalid one
like
the one for
wikipedia.org, WMF does this all the time for old or unused
domains:
wikipedia.com
*
https://www.wikipedia.com/
wikimediacommons.org
*
https://wikimediacommons.org/
And if we really really want, one could purchase a separate certificate for
just
tools.wikimedia.org (so that the wildcard one isn't needed) and transfer
only
that to WMF.
For me, it is important that I don't have to deal with that domain any
longer. Simply keeping the CNAME causes on work at all. If you at WMF
want to handle the certificate question in the future, you can go
ahead. At the Hackathon, I understood that Coren is no fan of such a
solution though.
Best, Silke
--
--
https://amette.eu
mail(a)amette.eu