Dear SRE Staff,
As we're trying to become more aware and conscious of our ecosystem, we'd like to keep an eye on how we do on search platforms outside of Google. To that end, there are folks in the Foundation who'd like to have access to Bing and Yandex search / webmaster consoles, analogous to the Google Search Console whose data we already heavily use.
This ticket is about how we prove to these various webmaster consoles that we indeed own the various Wikis.
This is already solved. Not sure what we did there, but we already have this verified in Google search console.
Bing
There are essentially two ways of verify this. You use OAuth to allow Bing to use your Google search console access to read the list of sites that Google verified for you and then Microsoft will just trust that implicitly. The problem is that the API scope for querying Google Search Console analytics data and for listing owned sites is the same, so theoretically Microsoft could just use the OAuth Token to read all analytics data for the Wikis into Bing, but that would be extraordinarily bad form. While we should probably be cautious, I'm just putting this option out there for completeness.
The other way to do this is adding a CNAME entry. Example (fudged):
b3506af62206ef714873baca9cadec92 with value verify.bing.com.
There are two other methods, namely a) putting a specified xml file in the web root, and putting a meta tag in the index page for a site. I'm going to assume that's going to be too much of a hassle to do.
Yandex
There's a Yandex webmaster console as well and they have, in addition to the xml file and meta tag methods, a DNS verification method. This time, it's with a TXT entry that contains this (fudged):
yandex-verification: c9c9d3ba2d2f5273
Questions
- How would SRE prefer to do this? DNS or XML file or meta tags?
- How would this scale to the 100-odd domains that host wikipedias? One way that comes to mind is that we could start with say the first 20 Wikipedias by language and then add the rest on demand?
If SRE is OK with proceeding, I could basically generate all of the data (XML files, DNS entries, or meta tags) in a set of text files and send it to you. Open to other ideas.
CC'd my manager Adam Baso given that this is somewhat sensitive.