Re: [apps-discuss] Call For Adoption: draft-nottingham-safe-hint
John C Klensin <john@jck.com> Tue, 29 July 2014 13:35 UTC
Return-Path: <john@jck.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E2DAE1B28A8 for <apps-discuss@ietfa.amsl.com>; Tue, 29 Jul 2014 06:35:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gtWeG6bA7stC for <apps-discuss@ietfa.amsl.com>; Tue, 29 Jul 2014 06:35:42 -0700 (PDT)
Received: from bsa2.jck.com (bsa2.jck.com [70.88.254.51]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ABCE61B28B7 for <apps-discuss@ietf.org>; Tue, 29 Jul 2014 06:35:42 -0700 (PDT)
Received: from [198.252.137.115] (helo=JcK-HP8200.jck.com) by bsa2.jck.com with esmtp (Exim 4.82 (FreeBSD)) (envelope-from <john@jck.com>) id 1XC7UM-0000Pq-Ap; Tue, 29 Jul 2014 09:30:46 -0400
Date: Tue, 29 Jul 2014 09:35:26 -0400
From: John C Klensin <john@jck.com>
To: Paul Hoffman <paul.hoffman@vpnc.org>
Message-ID: <AA77097872EADA81E8823102@JcK-HP8200.jck.com>
In-Reply-To: <91C8EFC9-E16F-44CE-9BED-C6FD47C07EBF@vpnc.org>
References: <CAL0qLwZtqm5apMhET+QSu2wsmLUWysXdsJzBsrU5oi4p0xsAEg@mail.gmail.com> <CA+9kkMBDwbfPEcrQkLKCBTNxduRci25n43F_qYJcg4UffCLDiw@mail.gmail.c om> <53D01455.6090504@cisco.com> <CA+9kkMABPpOdMoi11mJ61ey0ps7e_XxyrWY0PTsoZw_S5rjzBg@mail.gmail.com> <53D1115C.2010903@dcrocker.net> <CA+9kkMAp_T8hHR24M_RJUO5MYyRFfaLgWhQ8wtE5T9HrqMSs+A@mail.gmail.com> <CAC4RtVAt-NHQjvb70kdBhg71qumq-P44f-JvC2wvb=Ufq_QgJQ@mail.gmail.c om> <CA+9kkMD5D115-zzxQW0CQNn9LTBecLcp7GB8-B5aGieo1RZxfg@mail.gmail.com> <53D526A1.5030505@cs.tcd.ie> <CD39E9F8-8F7A-4B36-8133-1C5576EF69A3@mnot.net> <53D5A36E.5010000@cs.tcd.ie> <45E595ED-0AA6-4B8B-892C-FAFAE2B8002E@mnot.net> <53D5A78D.8060102@cs.tcd.ie> <91C8EFC9-E16F-44CE-9BED-C6FD47C07EBF@vpnc.org>
X-Mailer: Mulberry/4.0.8 (Win32)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-SA-Exim-Connect-IP: 198.252.137.115
X-SA-Exim-Mail-From: john@jck.com
X-SA-Exim-Scanned: No (on bsa2.jck.com); SAEximRunCond expanded to false
Archived-At: http://mailarchive.ietf.org/arch/msg/apps-discuss/C0QBoXZTlzcZZVb2DYUd2ojW8As
Cc: Mark Nottingham <mnot@mnot.net>, IETF Apps Discuss <apps-discuss@ietf.org>
Subject: Re: [apps-discuss] Call For Adoption: draft-nottingham-safe-hint
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss/>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Jul 2014 13:35:46 -0000
--On Sunday, July 27, 2014 18:41 -0700 Paul Hoffman <paul.hoffman@vpnc.org> wrote: > Given your worry that someone might successfully extend this > specification in the future, but we might stop them from doing > their own (dangerous) multi-faceted header, would your concern > be mitigated by something in the spec that says "this header > may never have any value than the one specified in this > document"? Paul, My sense is that our track record when saying "this may never have any value..." has been rotten. The people, or implementers, who think they need additional capabilities just ignore such constraints and do their own thing, typically in a way that creates confusion rather than interoperability. If we were going to do anything along those lines, it would be better to lay out some minimal syntax with no semantics and then reserve it for future extension and explain why the reservation is needed and specify what to do if a current-technology server implementation encounters a use of the extended syntax. So, if one wants to try to keep the spec to a single bit (at least until some other consensus emerges), it would probably be best to specify a parameter field (see draft-snell-http-prefer-18), to specify that it is reserved for future expansion and semantics, and even to require that, should a non-null parameter field appear, it most contain a version number and, for now, a value of 0 and nothing else and that a server encountering a non-zero version number or parameter field not containing such a version number must treat the field as missing. If one wanted to be really aggressive about that, one might require that a server encountered a non-empty, none-version-zero parameter would return an error message rather than any web content. That is a bit extreme but, if we really want to "stop them from doing their own...", that would probably do it where "never have any value..." would not. Stephen, I don't see the Chinese issue as particularly relevant to this proposed extension. Their current policy, at least as widely reported outside China, is "nothing is allowed on the network that is not 'safe' as we define it". The presence of a header that says "I prefer 'safe'" would have no impact at all, positive or negative, on such a policy since there is already a policy requiring that sites emit only "safe" material (whether the header is present or not). It would be different if there were no precedent for sites returning different, or a more restrictive set of, material for different types of users but the sites Mark identifies have already shown both the ability and willingness to do that. FWIW, while the definition of "safe" varies, the perceived Chinese requirement/behavior is not, AFAICT, significantly different from that advocated by various "conservative" or Internet-afraid legislators around the world. I'm afraid of those legislators, but I don't see how this header would affect them one way or the other. In that regard, it is somewhat like the evil bit of RFC 3514 and far more like the claims that ICANN's delegation of the XXX TLD would make the Internet safe for children and others who didn't want to be exposed to pornography. I don't expect this header to be very useful, but suspect that standardizing it, with appropriate disclaimers, might turn out to be better than leaving each system to figure out its own format and implied semantics. john
- [apps-discuss] Call For Adoption: draft-nottingha… Murray S. Kucherawy
- Re: [apps-discuss] Call For Adoption: draft-notti… James M Snell
- Re: [apps-discuss] Call For Adoption: draft-notti… John Levine
- Re: [apps-discuss] Call For Adoption: draft-notti… Mark Nottingham
- Re: [apps-discuss] Call For Adoption: draft-notti… James M Snell
- Re: [apps-discuss] Call For Adoption: draft-notti… Mark Nottingham
- Re: [apps-discuss] Call For Adoption: draft-notti… John Levine
- Re: [apps-discuss] Call For Adoption: draft-notti… Dave Crocker
- Re: [apps-discuss] Call For Adoption: draft-notti… James M Snell
- Re: [apps-discuss] Call For Adoption: draft-notti… John R Levine
- Re: [apps-discuss] Call For Adoption: draft-notti… Andrew Sullivan
- Re: [apps-discuss] Call For Adoption: draft-notti… Eric Burger
- Re: [apps-discuss] Call For Adoption: draft-notti… Andrew Sullivan
- Re: [apps-discuss] Call For Adoption: draft-notti… James M Snell
- Re: [apps-discuss] Call For Adoption: draft-notti… Carsten Bormann
- Re: [apps-discuss] Call For Adoption: draft-notti… Dave Cridland
- Re: [apps-discuss] Call For Adoption: draft-notti… Sean Leonard
- Re: [apps-discuss] Call For Adoption: draft-notti… Sean Leonard
- Re: [apps-discuss] Call For Adoption: draft-notti… Dave Crocker
- Re: [apps-discuss] Call For Adoption: draft-notti… John Levine
- Re: [apps-discuss] Call For Adoption: draft-notti… Martin Thomson
- Re: [apps-discuss] Call For Adoption: draft-notti… Dave Crocker
- Re: [apps-discuss] Call For Adoption: draft-notti… Ted Hardie
- Re: [apps-discuss] Call For Adoption: draft-notti… James M Snell
- Re: [apps-discuss] Call For Adoption: draft-notti… Eliot Lear
- Re: [apps-discuss] Call For Adoption: draft-notti… Murray S. Kucherawy
- Re: [apps-discuss] Call For Adoption: draft-notti… John R Levine
- Re: [apps-discuss] Call For Adoption: draft-notti… Douglas Otis
- Re: [apps-discuss] Call For Adoption: draft-notti… Sean Leonard
- Re: [apps-discuss] Call For Adoption: draft-notti… Karl Dubost
- Re: [apps-discuss] Call For Adoption: draft-notti… Andrew Sullivan
- Re: [apps-discuss] Call For Adoption: draft-notti… Ted Hardie
- Re: [apps-discuss] Call For Adoption: draft-notti… Arnt Gulbrandsen
- Re: [apps-discuss] Call For Adoption: draft-notti… Eliot Lear
- Re: [apps-discuss] Call For Adoption: draft-notti… Dave Crocker
- Re: [apps-discuss] Call For Adoption: draft-notti… Martin Thomson
- Re: [apps-discuss] Call For Adoption: draft-notti… Erik Wilde
- Re: [apps-discuss] Call For Adoption: draft-notti… Ted Hardie
- Re: [apps-discuss] Call For Adoption: draft-notti… Dave Crocker
- Re: [apps-discuss] Call For Adoption: draft-notti… Paul Hoffman
- Re: [apps-discuss] Call For Adoption: draft-notti… John Levine
- Re: [apps-discuss] Call For Adoption: draft-notti… Ted Hardie
- Re: [apps-discuss] Call For Adoption: draft-notti… Barry Leiba
- Re: [apps-discuss] Call For Adoption: draft-notti… Ted Hardie
- Re: [apps-discuss] Call For Adoption: draft-notti… John Levine
- Re: [apps-discuss] Call For Adoption: draft-notti… Hector Santos
- Re: [apps-discuss] Call For Adoption: draft-notti… Martin Thomson
- Re: [apps-discuss] Call For Adoption: draft-notti… Hector Santos
- Re: [apps-discuss] Call For Adoption: draft-notti… Mark Nottingham
- Re: [apps-discuss] Call For Adoption: draft-notti… James M Snell
- Re: [apps-discuss] Call For Adoption: draft-notti… Martin J. Dürst
- Re: [apps-discuss] Call For Adoption: draft-notti… James M Snell
- Re: [apps-discuss] Call For Adoption: draft-notti… Graham Klyne
- Re: [apps-discuss] Call For Adoption: draft-notti… Murray S. Kucherawy
- Re: [apps-discuss] Call For Adoption: draft-notti… Murray S. Kucherawy
- Re: [apps-discuss] Call For Adoption: draft-notti… Rob Trace
- Re: [apps-discuss] Call For Adoption: draft-notti… Hector Santos
- Re: [apps-discuss] Call For Adoption: draft-notti… Dave Crocker
- Re: [apps-discuss] Call For Adoption: draft-notti… Salvatore Loreto
- Re: [apps-discuss] Call For Adoption: draft-notti… John C Klensin
- Re: [apps-discuss] Call For Adoption: draft-notti… Eric Burger
- Re: [apps-discuss] Call For Adoption: draft-notti… John C Klensin
- Re: [apps-discuss] Call For Adoption: draft-notti… Stephen Farrell
- Re: [apps-discuss] Call For Adoption: draft-notti… Stephen Farrell
- Re: [apps-discuss] Call For Adoption: draft-notti… John C Klensin
- Re: [apps-discuss] Call For Adoption: draft-notti… Stephen Farrell
- Re: [apps-discuss] Call For Adoption: draft-notti… Mark Nottingham
- Re: [apps-discuss] Call For Adoption: draft-notti… Stephen Farrell
- Re: [apps-discuss] Call For Adoption: draft-notti… Mark Nottingham
- Re: [apps-discuss] Call For Adoption: draft-notti… Stephen Farrell
- Re: [apps-discuss] Call For Adoption: draft-notti… Paul Hoffman
- Re: [apps-discuss] Call For Adoption: draft-notti… James M Snell
- Re: [apps-discuss] Call For Adoption: draft-notti… Salvatore Loreto
- Re: [apps-discuss] Call For Adoption: draft-notti… Stephen Farrell
- Re: [apps-discuss] Call For Adoption: draft-notti… Salvatore Loreto
- Re: [apps-discuss] Call For Adoption: draft-notti… Stephen Farrell
- Re: [apps-discuss] Call For Adoption: draft-notti… John Levine
- Re: [apps-discuss] Call For Adoption: draft-notti… Mark Nottingham
- Re: [apps-discuss] Call For Adoption: draft-notti… James M Snell
- Re: [apps-discuss] Call For Adoption: draft-notti… Eliot Lear
- Re: [apps-discuss] Call For Adoption: draft-notti… James M Snell
- Re: [apps-discuss] Call For Adoption: draft-notti… John C Klensin
- Re: [apps-discuss] Call For Adoption: draft-notti… Barry Leiba
- Re: [apps-discuss] Call For Adoption: draft-notti… John Levine
- Re: [apps-discuss] Call For Adoption: draft-notti… Hector Santos
- Re: [apps-discuss] Call For Adoption: draft-notti… Arnt Gulbrandsen
- Re: [apps-discuss] Call For Adoption: draft-notti… Hector Santos
- Re: [apps-discuss] Call For Adoption: draft-notti… Arnt Gulbrandsen
- Re: [apps-discuss] Call For Adoption: draft-notti… Hector Santos
- Re: [apps-discuss] Call For Adoption: draft-notti… Arnt Gulbrandsen
- Re: [apps-discuss] Call For Adoption: draft-notti… Eliot Lear
- Re: [apps-discuss] Call For Adoption: draft-notti… Murray S. Kucherawy
- Re: [apps-discuss] Call For Adoption: draft-notti… Martin J. Dürst
- Re: [apps-discuss] Call For Adoption: draft-notti… Paul Hoffman
- Re: [apps-discuss] Call For Adoption: draft-notti… John R Levine
- Re: [apps-discuss] Call For Adoption: draft-notti… Stephen Farrell
- Re: [apps-discuss] Call For Adoption: draft-notti… Eric Burger
- Re: [apps-discuss] Call For Adoption: draft-notti… John Levine