Re: New Version Notification for draft-nottingham-proxy-explanation-00.txt

Ted Hardie <ted.ietf@gmail.com> Mon, 29 February 2016 20:07 UTC

From: Ted Hardie <ted.ietf@gmail.com>
Date: Mon, 29 Feb 2016 12:01:31 -0800
Message-ID: <CA+9kkMC1Tce=eohXFSZfrD9cpJHOMOMKtoYqVbvUY3EwbboTqg@mail.gmail.com>
To: Mark Nottingham <mnot@mnot.net>
Cc: HTTP WG <ietf-http-wg@w3.org>

Howdy,

On Sun, Feb 28, 2016 at 5:59 PM, Mark Nottingham <mnot@mnot.net> wrote:

> FYI - would be interested in what people thought, as I know some folks
> have this problem.
>
> Pretty (and slightly updated) version at:
>   https://mnot.github.io/I-D/proxy-explanation/
>

The document says about the HTML content in a 403 "but browsers are
unwilling to show this to end users, since doing so would subject them to a
potential man-in-the-middle attack."; this same reluctance seems to me
likely to apply to the URL in the proposed JSON structure.  You note the
issue considerations section, but seem to come down on the side of
including it anyway.  Can you explain more about why? What's the other side
of this trade-off look like, in your thinking?

I found it odd that the document talked about forbidding origin servers
from generating the media type, rather than returning it in a response.  Below
you say it MUST NOT be used with 2xx or 3xx responses; it seems like you
could also use similar language for origin server/CDN use.

The document says that "Clients MAY selectively support this media type.
For example, an implementation might deem it only useful (or safe) in
CONNECT requests."  Given the other restrictions, I don't see a use case outside
of CONNECT, and I would normally say that you shouldn't send an accept
header where you're not willing to receive the type; am I missing some of
your thinking here?

regards,

Ted



>
> > Begin forwarded message:
> >
> > From: internet-drafts@ietf.org
> > Subject: New Version Notification for
> draft-nottingham-proxy-explanation-00.txt
> > Date: 17 February 2016 at 11:38:12 AM AEDT
> > To: "Mark Nottingham" <mnot@mnot.net>
> >
> >
> > A new version of I-D, draft-nottingham-proxy-explanation-00.txt
> > has been successfully submitted by Mark Nottingham and posted to the
> > IETF repository.
> >
> > Name:         draft-nottingham-proxy-explanation
> > Revision:     00
> > Title:                The application/proxy-explanation+json media type
> > Document date:        2016-02-17
> > Group:                Individual Submission
> > Pages:                7
> > URL:
> https://www.ietf.org/internet-drafts/draft-nottingham-proxy-explanation-00.txt
> > Status:
> https://datatracker.ietf.org/doc/draft-nottingham-proxy-explanation/
> > Htmlized:
> https://tools.ietf.org/html/draft-nottingham-proxy-explanation-00
> >
> >
> > Abstract:
> >   This specification defines the application/proxy-explanation+json
> >   media type, to allow HTTP proxies to explain to clients why a request
> >   is unsuccessful.
> >
> > Note to Readers
> >
> >   The issues list for this draft can be found at
> >   https://github.com/mnot/I-D/labels/proxy-explanation .
> >
> >   The most recent (often, unpublished) draft is at
> >   https://mnot.github.io/I-D/proxy-explanation/ .
> >
> >   Recent changes are listed at https://github.com/mnot/I-D/commits/gh-
> >   pages/proxy-explanation .
> >
> >
> >
> >
> > Please note that it may take a couple of minutes from the time of
> submission
> > until the htmlized version and diff are available at tools.ietf.org.
> >
> > The IETF Secretariat
> >
>
> --
> Mark Nottingham   https://www.mnot.net/
>
>
>
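
The client-side handling discussed in this message, as an added example that is not part of the thread or of the draft: a client that advertises the media type only on CONNECT, ignores it on 2xx and 3xx responses, and keeps any proxy-supplied URL apart as untrusted text rather than something to follow. The function names and the sample's member names are hypothetical; the draft's actual JSON members are not quoted on this page.

```python
import json
from urllib.parse import urlsplit

MEDIA_TYPE = "application/proxy-explanation+json"  # media type named in the draft's title


def accept_header(method, base="*/*"):
    """Advertise the type only on requests where the client is willing to receive it."""
    if method.upper() == "CONNECT":
        return f"{MEDIA_TYPE}, {base};q=0.8"
    return base


def _is_web_url(value):
    try:
        parts = urlsplit(value.strip())
    except ValueError:                   # malformed authority, e.g. an unclosed "["
        return False
    return parts.scheme in ("http", "https") and bool(parts.netloc)


def read_explanation(method, status, content_type, body):
    """Return (text_members, untrusted_links), or None if the body must be ignored."""
    if method.upper() != "CONNECT":
        return None                      # client policy assumed here: CONNECT only
    if 200 <= status < 400:
        return None                      # the type is not valid on 2xx or 3xx responses
    if content_type.split(";")[0].strip().lower() != MEDIA_TYPE:
        return None
    try:
        doc = json.loads(body)
    except ValueError:                   # covers invalid JSON and undecodable bytes
        return None
    if not isinstance(doc, dict):
        return None
    text, links = {}, {}
    for key, value in doc.items():
        if not isinstance(value, str):
            continue                     # nested or non-string members are not displayed
        if _is_web_url(value):
            links[key] = value           # proxy-supplied URL: show as text, never auto-follow
        else:
            text[key] = value
    return text, links


# Constructed sample; the member names are hypothetical, not taken from the draft.
SAMPLE = b'{"summary": "Blocked by policy", "details": "https://proxy.example/why"}'
```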