IETF Logo Mail Archive

Re: Working Group Last Call for draft-ietf-httpbis-legally-restricted-status

Julian Reschke <julian.reschke@greenbytes.de> Sat, 03 October 2015 18:27 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A09D21A00DB for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 3 Oct 2015 11:27:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.912
X-Spam-Level:
X-Spam-Status: No, score=-6.912 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jX9N7M0YWjup for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sat, 3 Oct 2015 11:27:41 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5C99A1A00DC for <httpbisa-archive-bis2Juki@lists.ietf.org>; Sat, 3 Oct 2015 11:27:40 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1ZiRTJ-0000SL-5V for ietf-http-wg-dist@listhub.w3.org; Sat, 03 Oct 2015 18:23:49 +0000
Resent-Date: Sat, 03 Oct 2015 18:23:49 +0000
Resent-Message-Id: <E1ZiRTJ-0000SL-5V@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <julian.reschke@greenbytes.de>) id 1ZiRTF-0000R9-5f for ietf-http-wg@listhub.w3.org; Sat, 03 Oct 2015 18:23:45 +0000
Received: from mail.greenbytes.de ([217.91.35.233]) by maggie.w3.org with esmtps (TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.80) (envelope-from <julian.reschke@greenbytes.de>) id 1ZiRTC-0008Ly-5y for ietf-http-wg@w3.org; Sat, 03 Oct 2015 18:23:44 +0000
Received: from [192.168.178.20] (unknown [93.217.107.237]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mail.greenbytes.de (Postfix) with ESMTPSA id 2E78C15A04EC; Sat, 3 Oct 2015 20:23:18 +0200 (CEST)
To: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
References: <0E5383DD-927C-493F-90C4-4A9C7CB93308@mnot.net>
From: Julian Reschke <julian.reschke@greenbytes.de>
Message-ID: <56101D17.4050900@greenbytes.de>
Date: Sat, 03 Oct 2015 20:23:19 +0200
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0
MIME-Version: 1.0
In-Reply-To: <0E5383DD-927C-493F-90C4-4A9C7CB93308@mnot.net>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
Received-SPF: pass client-ip=217.91.35.233; envelope-from=julian.reschke@greenbytes.de; helo=mail.greenbytes.de
X-W3C-Hub-Spam-Status: No, score=-5.3
X-W3C-Hub-Spam-Report: AWL=-0.341, BAYES_00=-1.9, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, W3C_AA=-1, W3C_IRA=-1, W3C_WL=-1
X-W3C-Scan-Sig: maggie.w3.org 1ZiRTC-0008Ly-5y 80367c4f8c2ae1e540c4a23f17211ae2
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Working Group Last Call for draft-ietf-httpbis-legally-restricted-status
Archived-At: <http://www.w3.org/mid/56101D17.4050900@greenbytes.de>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/30318
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

Some feedback below:

> 1.  Introduction
>
> ...
>
>    Feedback should occur on the ietf-http-wg@w3.org mailing list.


(This should go in the boilerplate, not the actual spec text; and yes, 
the RFC production center will catch it)

> 3.  451 Unavailable For Legal Reasons
>
> ...
>
>    The use of the 451 status code implies neither the existence nor non-
>    existence of the resource named in the request.  That is to say, it
>    is possible that if the legal demands were removed, a request for the
>    resource still might not succeed.
> ...

Might be good if we could avoid talking about existence or non-existence 
of resources.

> 4.  Identifying Blocking Entities
>
>    As noted above, when an attempt to access a resource fails with
>    status 451, the entity blocking access might or might not be the
>    origin server.  There are a variety of entities in the resource-
>    access path which could choose to deny access, for example ISPs,
>    cache providers, and DNS servers.
> ...

If the access was blocked on the DNS level, how would the status code work?

Also: the example should use the link header field.


> 5.  Security Considerations
>
> 5.1.  451 Unavailable for Legal Reasons
>
>    The 451 status code is optional; clients cannot rely upon its use.
>    It is possible that certain legal authorities might wish to avoid
>    transparency, and not only demand the restriction of access to
>    certain resources, but also avoid disclosing that the demand was
>    made.

1) We don't need a nested subsection here. 2) Avoid use of lowercased 
BCP14 terms...

> 6.  IANA Considerations
>
>    The HTTP Status Codes Registry should be updated with the following
>    entry:
>
>    o  Code: 451
>
>    o  Description: Unavailable for Legal Reasons
>
>    o  Specification: [ this document ]

We'll need the IANA considerations for the new link relation as well.

Best regards, Julian

v2.23.0 | Report a Bug | By Email