Add eduhost.sk and eduweb.sk

[janneurocny]

Public Suffix List (PSL) Submission

Checklist of required steps

• Description of Organization

• Robust Reason for PSL Inclusion

• DNS verification via dig

• Each domain listed in the PRIVATE section has and shall maintain at least two years remaining on registration, and we shall keep the _psl TXT record in place in the respective zone(s).

Submitter affirms the following:

• We are listing any third-party limits that we seek to work around in our rationale such as those between IOS 14.5+ and Facebook (see Issue #1245 as a well-documented example)

• No third-party work arounds.

• This request was not submitted with the objective of working around other third-party limits.

• The submitter acknowledges that it is their responsibility to maintain the domains within their section. This includes removing names which are no longer used, retaining the _psl DNS entry, and responding to e-mails to the supplied address. Failure to maintain entries may result in removal of individual entries or the entire section.

• The Guidelines were carefully read and understood, and this request conforms to them.
• The submission follows the guidelines on formatting and sorting.

• A role-based email address has been used and this inbox is actively monitored with a response time of no more than 30 days.

Abuse Contact:

• Abuse contact information (email or web form) is available and easily accessible.

Abuse contact: [email protected]

---

For PRIVATE section requests that are submitting entries for domains that match their organization website's primary domain, please understand that this can have impacts that may not match the desired outcome and take a long time to rollback, if at all.

To ensure that requested changes are entirely intentional, make sure that you read the affectation and propagation expectations, that you understand them, and confirm this understanding.

PR Rollbacks have lower priority, and the volunteers are unable to control when or if browsers or other parties using the PSL will refresh or update.

(Link: about propagation/expectations)

• Yes, I understand. I could break my organization's website cookies and cause other issues, and the rollback timing is acceptable. Proceed anyways.

---

Description of Organization

We are an IT company that deals with the management and implementation of networks, servers, and hosting for private clients, companies, non-profit organizations, and schools in Slovakia.

Organization Website:

https://neurolabs.sk

Reason for PSL Inclusion

As mentioned, we manage several schools where students solve a number of school projects that are hosted on various free hostings. We want to move students under a single edu hosting, where they will have their personal profiles for presentation, DNS management for add records to their virtual servers, storage for their projects, which they will be able to not only develop there but also present to companies in case of an application for an internship or job. Our vision is to offer hosting publicly to other schools outside our administration, which would obtain web space for their students. These pages will serve you throughout your studies, from elementary school to university.

Number of users this request is being made to serve:

Current around 1200 and with registrations allowed for other schools and students, will be more

DNS Verification

dig +short TXT _psl.eduhost.sk
"https://github.com/publicsuffix/list/pull/2392"

dig +short TXT _psl.eduweb.sk
"https://github.com/publicsuffix/list/pull/2392"

[groundcat]

• Expiration (Note: Must STAY >2y at all times)
  • eduhost.sk Valid Until: 2028-02-20
  • eduweb.sk Valid Until: 2028-02-20
• DNS _psl entries (Note: Must STAY in place)
• Sorting
• Reasoning/Organization description
  • Comments: The relevance requirement seems to be met, assuming it is true that the user count is reportedly 1,200 and growing. However, notably, based on WHOIS, the domains eduhost.sk and eduweb.sk were both registered on February 20, 2025, just two days ago, so it is unclear how the figure of 1,200 users is justified. A Google search using the site: command returns no results. The organization's website, https://neurolabs.sk/, provides limited information, insufficient to understand the features of the service. The use case appears reasonable, as the subdomain owners could be mutually untrusted parties.
• Non-personal email address
• Abuse contact
  • Both domains redirect to https://eduhost.sk/, where the abuse contact information can be found: Nahláste zneužitie služieb na [email protected]

[groundcat]

Questions:

1. Both eduhost.sk and eduweb.sk were registered on February 20, 2025. Could you explain how you currently have 1,200 users on these newly registered domains? Are these users being migrated from an existing platform?

2. Could you clarify the distinct purposes of eduhost.sk versus eduweb.sk in your infrastructure? Why are two separate domains needed?

3. Have you considered implementing __Host- prefixed cookies as an initial security measure for your subdomain isolation needs, while also exploring other application-level controls that could provide boundaries between apps without relying on the Public Suffix List? What isolation mechanisms are you currently using between student subdomains?

4. Could you provide public references or documentation about the schools currently working with your educational hosting platform to help verify its scope and legitimacy?

5. What is your long-term plan for maintaining these PSL entries, and have you considered implementing application-level controls that could provide subdomain isolation without relying solely on the PSL?

[groundcat]

Hello @janneurocny any updates?