Apologies if this has been already discussed. I quick search of rust-lang users and internals didn't find anything. A related conversation is Rust behind a corporate firewall but that focuses on mirroring of packages so I thought I would make a new topic. The issue to bring up is that a lot of corporate firewalls will block the ".rs" top level domain. Depending on the company you may be able to request exceptions. But those are typically requested one at a time for each domain and the requests take some time to process.
Here are some sites that are affected:
diesel.rs
nickel.rs
piston.rs
zinc.rs
tokio.rs
hyper.rs
Just want to raise awareness of the issue. As Rust gets adopted more by industry this might become more of an issue.
I think if your IT team is blocking .rs (serbia) then you should get them to unblock it. If they won't do that then then subverting their 'security' by mirroring sites via sneakernet or whatever will probably go down like a lead balloon.
Another important domain would be rustup.rs since the the first advertised way to install it on Linux and macOS is to curl https://sh.rustup.rs ... adding one more barrier to an easy install experience.
It's hard to evaluate the seriousness of this issue without further information. Do we have any numbers to indicate that .rs is blocked significantly more often than other tlds?
Frankly, I'm also quite worried about the long-term impacts of relying on Serbian infrastructure. It could bite us badly with changes in global politics. It may be prudent to migrate to some other scheme.
With regards to the magnitude of the issue, yeah I was thinking over the next week of trying to do an informal survey on twitter to see how frequent the ".rs" domain is blocked by corporate firewalls.
It never occurred to me before that .io -> Iron Oxide -> Rust. I'm sure that wasn't an accident in crates.io, or at least we should pretend it was intentional anyway.
The ccTLDs are rarely managed by countries directly, but rather by non-profits (case for .rs), universities, or even Ltds (.me, .io). For that reason it is very unlikely these domains will go poof the same moment something serious happens and everybody will have plenty of time setup the 302s and stuff when stuff actually happens.
Yet another occurrence reported. It seems that we cannot fight the reality, even though (as @nagisa pointed out) the current governing authority of .rs, RNDIS, is a non-profit foundation and probably less affected by the politics.
I'm not sure if it's entirely feasible, but dns.js.org is an interesting precedent if you consider an alternative domain. It strongly relies on Github pages, but the only infrastructure requiring GH is the domain list manipulated by PRs and we already require that level of GH usages for crates.io. Maybe very common projects with .rs domains can be CNAMEed into that namespace when necessary.
It is shocking to know it. The second link is very interesting. I had io domain myself, it is going to retire eventually but can not be closed right now.
