IETF Logo Mail Archive

Re: [apps-discuss] Call For Adoption: draft-nottingham-safe-hint

James M Snell <jasnell@gmail.com> Mon, 21 July 2014 19:48 UTC

Return-Path: <jasnell@gmail.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2FB3B1A03BD for <apps-discuss@ietfa.amsl.com>; Mon, 21 Jul 2014 12:48:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.8
X-Spam-Level:
X-Spam-Status: No, score=-0.8 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, J_CHICKENPOX_46=0.6, J_CHICKENPOX_48=0.6, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PQpaZLOa1KJC for <apps-discuss@ietfa.amsl.com>; Mon, 21 Jul 2014 12:48:11 -0700 (PDT)
Received: from mail-oi0-x22f.google.com (mail-oi0-x22f.google.com [IPv6:2607:f8b0:4003:c06::22f]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 04DF41A02FA for <apps-discuss@ietf.org>; Mon, 21 Jul 2014 12:48:10 -0700 (PDT)
Received: by mail-oi0-f47.google.com with SMTP id x69so3748581oia.34 for <apps-discuss@ietf.org>; Mon, 21 Jul 2014 12:48:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding; bh=2Kt8bJasZ5NEiBzfJyHw5IpsJ6hcxLxC+Cf0iNmT8bk=; b=u/2zUHCIyY6BVGFhH1/nkjgLCg4/i8oIBLa769OM05fx456zIJD/U3HEcKoIsKyJnT Rg9bibPU6EbTPLItU0Grcj5W+rov/9RHriI8qYq8Zk7L/wIfr4hwaUpUku4HBPHwFnb8 hrf3edb/iMTVW7ewJs9PsYLJ/pv+8+8Y/cbZZb7D25THGr3LKFGdD4p/BtaMpqtJiRCl F3dICoFYyd/6b4OVe4kmwRIsbkm5MRG2nbD7tcNdsIlv05UjNb0i6uFB6z2S5W5ToO5O SgJBcWlwhNAsmi08y+3JKMIqOgxdg/GEqJ3AFswOaegZaav3pznxcloQp05J+xN5aVpo oagg==
X-Received: by 10.60.97.40 with SMTP id dx8mr18917096oeb.27.1405972089995; Mon, 21 Jul 2014 12:48:09 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.60.179.81 with HTTP; Mon, 21 Jul 2014 12:47:49 -0700 (PDT)
In-Reply-To: <91D00BD5-CB7C-4F60-9497-60BD3B336A4A@mnot.net>
References: <CAL0qLwZtqm5apMhET+QSu2wsmLUWysXdsJzBsrU5oi4p0xsAEg@mail.gmail.com> <CABP7Rbe0cW-mjgSUAwtDDa1a8WP6aDwqF4r9bCdtfPonocbH6w@mail.gmail.com> <91D00BD5-CB7C-4F60-9497-60BD3B336A4A@mnot.net>
From: James M Snell <jasnell@gmail.com>
Date: Mon, 21 Jul 2014 12:47:49 -0700
Message-ID: <CABP7RbdUTKkW=kL46CbAuE4w1bgFtyY9kdbEnD_2NVSqHj2CCg@mail.gmail.com>
To: Mark Nottingham <mnot@mnot.net>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: http://mailarchive.ietf.org/arch/msg/apps-discuss/dxVZ619yQnPBExJG8NaBhkwCWLY
Cc: IETF Apps Discuss <apps-discuss@ietf.org>
Subject: Re: [apps-discuss] Call For Adoption: draft-nottingham-safe-hint
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss/>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Jul 2014 19:48:12 -0000

At the very least, there needs to be a mechanism for explicitly
requesting that safe browsing mode be turned off (e.g. Prefer:
safe=off). Beyond that, as I said, I won't be implementing this
myself, so if potential implementers are providing feedback that a
simple boolean flag is good enough, then I certainly do not object.

On Mon, Jul 21, 2014 at 12:35 PM, Mark Nottingham <mnot@mnot.net> wrote:
> The overwhelming feedback I’ve had is that making this anything other than a binary flag is a non-starter — both because we’d have to define a universal taxonomy, and because we’d be exposing more than one bit of information for fingerprinting.
>
> Note that the draft currently allows sites to have finer gradations of preferences overlaid via their own mechanisms (e.g., cookies) if need be.
>
> Cheers,
>
>
> On 21 Jul 2014, at 12:45 pm, James M Snell <jasnell@gmail.com> wrote:
>
>> I'm generally +1 on the draft but do not currently have any specific
>> implementation plan (I just don't need it for my stuff). I will note,
>> however, that this draft makes the assumption that "safe mode" is a
>> binary on-off preference; however, both Google and Bing (as examples)
>> offer three choices: Off, Moderate and Strict. The Prefer header
>> allows for optional parameters and I think it would be worthwhile to
>> leverage that capability here.
>>
>>  Prefer: safe=moderate
>>  Prefer: safe=strict
>>  Prefer: safe=off
>>
>> Note, also, that additional parameters may be applied if additional
>> granularity is required. For instance:
>>
>>  Prefer: safe=strict; max=Y7   (prefer strict safe mode with a max
>> rating of Y7)
>>
>> - James
>>
>> On Mon, Jul 21, 2014 at 9:28 AM, Murray S. Kucherawy
>> <superuser@gmail.com> wrote:
>>> draft-nottingham-safe-hint
>>
>> _______________________________________________
>> apps-discuss mailing list
>> apps-discuss@ietf.org
>> https://www.ietf.org/mailman/listinfo/apps-discuss
>
> --
> Mark Nottingham   http://www.mnot.net/
>
>
>

v2.23.0 | Report a Bug | By Email