[hrpc] Remarks about draft-manyfolks-hrcrfc7725
Stephane Bortzmeyer <bortzmeyer@nic.fr> Sat, 11 November 2017 07:41 UTC
Date: Sat, 11 Nov 2017 15:40:33 +0800
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: hrpc@irtf.org
Cc: Tim Bray <tbray@textuality.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/hrpc/wHlDw_7Ai-v6GHsKpHB7eggYPcU>

I think that this draft-manyfolks-hrcrfc7725 would be a welcome addition to an RFC 7725bis or to an RFC 8280bis. I have a few remarks about -00:

Section 6

"HTTP 451 status code responses are unverified and may be fake and/or a vehicle to monitor the user and/or introduce malware."

The entire section is unclear. Does "unverified" mean that it was possibly modified in transit? (If so, the solution is obviously HTTPS.) And what is the relationship with malware? If the idea is that the response body may contain malware, what is specific to 451 responses?

Section 11

"Possible anonymity concerns as identifiers might be introduced by the parties serving 451 status code."

I'm simply unable to understand this sentence. Elaboration and examples are needed.

Section 16

"For integrity, a status code 451 should be delivered over HTTPS."

Impossible, because the server has no choice: if the request was over HTTP, the response has to use the same TCP connection, hence HTTP.

Section 19

"governments in those countries could mandate the implementation of status code 521 which will make it easier for them to monitor the implementation of their block orders. Finally, surveillance systems in some countries could be updated to watch out for the 521 error code"

521 does not exist, is it 451?