IETF Logo Mail Archive

Re: Request-Off-The-Record Mode header

Shivan Kaul Sahib <shivankaulsahib@gmail.com> Mon, 12 June 2023 06:52 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CA6EAC151549 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 11 Jun 2023 23:52:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.047
X-Spam-Level:
X-Spam-Status: No, score=-5.047 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MASiCAEGGxDs for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Sun, 11 Jun 2023 23:52:27 -0700 (PDT)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 78AB5C151546 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Sun, 11 Jun 2023 23:52:27 -0700 (PDT)
Received: from lists by lyra.w3.org with local (Exim 4.94.2) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1q8bPU-00Dwm6-IN for ietf-http-wg-dist@listhub.w3.org; Mon, 12 Jun 2023 06:52:16 +0000
Resent-Date: Mon, 12 Jun 2023 06:52:16 +0000
Resent-Message-Id: <E1q8bPU-00Dwm6-IN@lyra.w3.org>
Received: from mimas.w3.org ([128.30.52.79]) by lyra.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <shivankaul.1993@gmail.com>) id 1q8bPS-00Dwje-Cp for ietf-http-wg@listhub.w3.org; Mon, 12 Jun 2023 06:52:14 +0000
Received: from mail-wm1-x329.google.com ([2a00:1450:4864:20::329]) by mimas.w3.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from <shivankaul.1993@gmail.com>) id 1q8bPR-009SYW-3Q for ietf-http-wg@w3.org; Mon, 12 Jun 2023 06:52:14 +0000
Received: by mail-wm1-x329.google.com with SMTP id 5b1f17b1804b1-3f735259fa0so40046695e9.1 for <ietf-http-wg@w3.org>; Sun, 11 Jun 2023 23:52:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1686552729; x=1689144729; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=0iALL1veFZBGnB+My6iMHDgqJL7jiUku4N/RYlTEltM=; b=rV16yHkhi/y3rPGQM00Y2HdUaVoRYg8uvSW40+p496Bg3/bIcZUY22pa/U/ijvCuES LjwrirL6YLxQGKcm4C09onBqUoebrc6bA0KBcLtiVd7SQThRtvctua/EmIUDONKDw/7y PhrGb3xt4+/OIyMxILtmOSt/pER7RJvrCxUfpzbt7QWXKjojLZwS9bZwFGRkGR/wZqkq G1yUVbyIFCCrPqyaUYbA2b/H5ESSkSfg95oZB05mvCy3n9B7N8trZzrpgs1XNqiicgOH J8Kx1yDbzojVApGv5GbKllM4ZYsKVQa9i0AC1ybZ95F/pOryA/Ri3WVQaupzO2jT/xlw 7Qmw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1686552729; x=1689144729; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=0iALL1veFZBGnB+My6iMHDgqJL7jiUku4N/RYlTEltM=; b=NFAPV7hUdMrBKgg1YYrpm7WRI4C7GeUeaaqcqY/a0Zjaeeiv9vukjP0vfzOXaWABA+ +ZDFSd/G5tUbNM/xN3BeSd0du/U1UC383i/sn9UA4K2kMfYhL3dI2Ze6TSp4xapYndhM 1uDMWWKSU1IS8LRncZ41sz+J/ZfXOQQs6RgQEspXqMd4XFuLwGwlWIhkcKDG2Bgm/91z jpUT302rKPa30YV+uCXkU7kurqqHpvq7n0TWOB3MjAXFwBmkWD992rta768q25KY5FVe WL5IGFC+JIjSIDUMgcPoLs4N/UOdA2DX/TUzHMqJ145SIwoB5w2zfcMR2thXnTlUtJ69 OL8Q==
X-Gm-Message-State: AC+VfDzmF4+DOstmZ8onX6AWbG3kuzflTI9r8XSrl9nzeI8C+PyFa8GT dtN6eh8HO+tsroLyV+67pWP+xOuxqw19QDeS8RQBkGhB
X-Google-Smtp-Source: ACHHUZ6BSqCTFBgYPQEDOwvw4xP2W2RbMEoDz8SIwPmaCXD3w+6/DC3JCrIpxlJTofDocivzZbCKvaR78VqjmHRO3sU=
X-Received: by 2002:a7b:cc12:0:b0:3f7:f398:e1ca with SMTP id f18-20020a7bcc12000000b003f7f398e1camr6641453wmh.26.1686552728552; Sun, 11 Jun 2023 23:52:08 -0700 (PDT)
MIME-Version: 1.0
References: <CAG3f7Mi=QVLNdxL5LWxzf-2uAT8KO9B-NWFoaM_HHOvpiPzbRA@mail.gmail.com> <SA1PR00MB1461642051E1C9091088F2D8F750A@SA1PR00MB1461.namprd00.prod.outlook.com> <CAPDSy+4dXuF1YTWAC+v0dAVF5E=+D45v35vL69od718KzAWKqQ@mail.gmail.com> <57fb06ff-0791-459c-9ea1-12149616f82c@betaapp.fastmail.com> <CACsn0cnvtcXHCmK5x0c4TBgmrHGS6KYf-sD=Z-U-UKSo3hm1Tg@mail.gmail.com>
In-Reply-To: <CACsn0cnvtcXHCmK5x0c4TBgmrHGS6KYf-sD=Z-U-UKSo3hm1Tg@mail.gmail.com>
From: Shivan Kaul Sahib <shivankaulsahib@gmail.com>
Date: Sun, 11 Jun 2023 23:51:32 -0700
Message-ID: <CAG3f7MgKc0Mg4gsOvrQwicq2uQ1VCJdz6yy=q8onp2FcA5K==A@mail.gmail.com>
To: Watson Ladd <watsonbladd@gmail.com>
Cc: Martin Thomson <mt@lowentropy.net>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="00000000000047c7af05fde928a9"
Received-SPF: pass client-ip=2a00:1450:4864:20::329; envelope-from=shivankaul.1993@gmail.com; helo=mail-wm1-x329.google.com
X-W3C-Hub-DKIM-Status: validation passed: (address=shivankaul.1993@gmail.com domain=gmail.com), signature is good
X-W3C-Hub-Spam-Status: No, score=-5.9
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1q8bPR-009SYW-3Q 7a4ac073528df1831fb2fded2cfb33f3
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Request-Off-The-Record Mode header
Archived-At: <https://www.w3.org/mid/CAG3f7MgKc0Mg4gsOvrQwicq2uQ1VCJdz6yy=q8onp2FcA5K==A@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/51159
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On Thu, 8 Jun 2023 at 21:45, Watson Ladd <watsonbladd@gmail.com> wrote:

> On Thu, Jun 8, 2023, 4:29 PM Martin Thomson <mt@lowentropy.net> wrote:
> >
> > I am a staunch opponent of the use of consent for this sort of thing.
> Notice, perhaps, I might be able to get behind.
> >
> > To manage risk of destroying potential audit trails, it seems like it
> would be reasonable for browsers to ignore the signal if the site took
> actions that might result in permanent effects (like downloads of malware,
> use of powerful features that do require consent, that sort of thing).  The
> browser might retain *less* information, and create warnings if it does,
> but accountability is important.
>
> We have consent with good reason for a camera usage but letting that
> make a site get recorded would mean a domestic violence hotline
> couldn't offer a video chat with a therapist with this feature.
>
> I can't claim to have the answers for that one but that's just one
> feature and example, and I don't know we can give terribly good
> guidance here. I think browser vendors will have to use their best
> judgement on the tradeoffs and UX to explain them, at the cost of the
> header meaning slightly different things across browsers.
>

 Yeah, I was imagining the UX would be up to the user agent. The header
would simply indicate that the website thinks that the user might not want
to keep traces of this interaction.

>
> Sincerely,
> Watson Ladd
>
>

v2.23.0 | Report a Bug | By Email