IETF Logo Mail Archive

Re: Working Group Last Call for draft-ietf-httpbis-legally-restricted-status

Matthew Kerwin <matthew@kerwin.net.au> Tue, 13 October 2015 06:02 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E2FDD1B38C2 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 12 Oct 2015 23:02:17 -0700 (PDT)
X-Quarantine-ID: <efAmpiJF-H5j>
X-Virus-Scanned: amavisd-new at amsl.com
X-Amavis-Alert: BANNED, message contains text/plain,.exe
X-Spam-Flag: NO
X-Spam-Score: -6.289
X-Spam-Level:
X-Spam-Status: No, score=-6.289 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id efAmpiJF-H5j for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 12 Oct 2015 23:02:15 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 527C41B38BE for <httpbisa-archive-bis2Juki@lists.ietf.org>; Mon, 12 Oct 2015 23:02:14 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1Zlsbq-0003hZ-Eg for ietf-http-wg-dist@listhub.w3.org; Tue, 13 Oct 2015 05:58:50 +0000
Resent-Date: Tue, 13 Oct 2015 05:58:50 +0000
Resent-Message-Id: <E1Zlsbq-0003hZ-Eg@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <phluid61@gmail.com>) id 1Zlsbm-0003gs-0k for ietf-http-wg@listhub.w3.org; Tue, 13 Oct 2015 05:58:46 +0000
Received: from mail-qk0-f174.google.com ([209.85.220.174]) by maggie.w3.org with esmtps (TLS1.2:RSA_ARCFOUR_SHA1:128) (Exim 4.80) (envelope-from <phluid61@gmail.com>) id 1Zlsbf-0000E2-KE for ietf-http-wg@w3.org; Tue, 13 Oct 2015 05:58:45 +0000
Received: by qkht68 with SMTP id t68so2970794qkh.3 for <ietf-http-wg@w3.org>; Mon, 12 Oct 2015 22:58:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=KciQpTGtyIEzNvJH9nr6S+qi0a3oOZ15Bb/lahhg/4M=; b=WPH9/GkxHFcRaMMdY2jeCMO13+kdtjN8DstogFsm0KN86cZYVTL17qK7al+MBK8cu+ k6mfLs6qfiKbsn/YahzSaXhrMeFOz028a9vkcmwfRvhaTjd1AL6rqqpUtA3vrXGAeK8Y 75L/xbQcs3MKl6+e+uFWu3kmcOokC3OnA7zt7yLkwiOjlEtVBrDGeoH0qwlFfVtO6oSB DSFsMfHFtaFkspqbiO3PWoW35JTPAD7B0y4h7vxgdblxdLb2/kXGmr526Mmw5DSWKcub VkN1RPk3GoYYfuPPnPmLWtbvtqbELkt3ExW6embSvx3L0cqXjprfPwBfcxaf18sqNEEE 1PcQ==
MIME-Version: 1.0
X-Received: by 10.55.49.75 with SMTP id x72mr38351430qkx.45.1444715893619; Mon, 12 Oct 2015 22:58:13 -0700 (PDT)
Sender: phluid61@gmail.com
Received: by 10.55.203.141 with HTTP; Mon, 12 Oct 2015 22:58:13 -0700 (PDT)
In-Reply-To: <561C86A8.8090800@measurement-factory.com>
References: <0E5383DD-927C-493F-90C4-4A9C7CB93308@mnot.net> <560C8035.5010209@measurement-factory.com> <B7347414-BC49-4D61-844B-6056F9155345@mnot.net> <560CB7A3.6080201@measurement-factory.com> <805EFF40-ECA6-4A67-AE3E-F165079F388C@mnot.net> <560D78A4.7070605@measurement-factory.com> <C2ABFB3A-DDD2-4D09-B8BC-5B9DA21D2561@mnot.net> <561C86A8.8090800@measurement-factory.com>
Date: Tue, 13 Oct 2015 15:58:13 +1000
X-Google-Sender-Auth: 5AKEnNilQyDT-F_hn13UAtFG2p4
Message-ID: <CACweHNDmWH-iKEWgx5rJf0ssNRvHGROgFQymEpxvb_es0Ubr0A@mail.gmail.com>
From: Matthew Kerwin <matthew@kerwin.net.au>
To: Alex Rousskov <rousskov@measurement-factory.com>
Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="001a114903a6a4045e0521f62115"
Received-SPF: pass client-ip=209.85.220.174; envelope-from=phluid61@gmail.com; helo=mail-qk0-f174.google.com
X-W3C-Hub-Spam-Status: No, score=-5.1
X-W3C-Hub-Spam-Report: AWL=-0.781, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: maggie.w3.org 1Zlsbf-0000E2-KE 858591c05319a3e75540064cd1be0f18
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Working Group Last Call for draft-ietf-httpbis-legally-restricted-status
Archived-At: <http://www.w3.org/mid/CACweHNDmWH-iKEWgx5rJf0ssNRvHGROgFQymEpxvb_es0Ubr0A@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/30357
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On 13 October 2015 at 14:20, Alex Rousskov <rousskov@measurement-factory.com
> wrote:

> On 10/12/2015 06:41 PM, Mark Nottingham wrote:
> >> On 2 Oct 2015, at 4:17 am, Alex Rousskov wrote:
> ​[snip]​
>
> >> An *outside force* other than a "legal demand" may compel me to block a
> >> resource. I speculate that most "blocked by external forces" content in
> >> the world is blocked by external forces other than a specific "legal
> >> demand". Should those who are forced to block by an external source
> >>
> >> * block silently;
> >> * violate the draft and misuse 451;
> >> * reserve another status code for their broader(!) use case;
>
> > Surely that would be 403? Would it help to point this fallback out
> explicitly?
>
> No, 403 does not imply that I am being forced to block something by a
> 3rd party. 403 just "blocks silently", not addressing the use cases #1
> and #2 in the numbered list at the top of this email.
>
>
​Sorry for chiming in cluelessly at this point, but how is 403 silent? RFC
7231 says a 403 can have a descriptive payload; and by stating that the
reason isn't necessarily auth-related and that you can use other mechanisms
to obscure access to resources it seems to imply that 403-with-payload is
intended to be explicitly not silent.

Or are you using 'silent' to mean "not easy to generate faceted
reports/statistics"? Because if so, while people clearly care about the
Ministry of Truth interfering with access to resources, at least in the
present climate, I don't know how much people care about other "outside
forces" blocking access. Is there much value in what you propose?



> > We already have:
>
> > """ Responses using this status code SHOULD include an explanation,
> > in the response body, of the details of the legal demand: the party
> > making it, the applicable legislation or regulation, and what classes
> > of person and resource it applies to. """
>
>
> > So perhaps a sentence or two before that noting why this is -- i.e.
> > that the legal context varies.
>
>
> I do not think it would help unless you are willing to say that the
> "legal context" varies so much that it may perfectly apply to blocking
> reasons other than the undefined areas of "legal obstacles" and "legal
> demands" :-).
>
>
​If the obstacle or demand (explicit or implied) depends on a legal
context, is it not a legal obstacle/demand? I'm struggling to envision a
case of externally-pressured censorship that doesn't count as "legal." A
server operator who chooses not to serve content because it violates their
beliefs/ideals/etc. can just not serve that stuff. One who would otherwise
have done so, but doesn't because of external pressure... well, what does
that look like? Do they live in a highly Pastafarian region, and are afraid
of reprisal because of their insistence on using plastic colanders? Because
I think that's more of a case for a well-written 404 or 410.

Cheers
-- 
  Matthew Kerwin
  http://matthew.kerwin.net.au/

v2.30.2 | Report a Bug | By Email | System Status