could we have some sort of Is-Autonomous header?

"Soni L." <fakedme+http@gmail.com> Sat, 16 March 2024 11:55 UTC

Sender: "Soni L." <fakedme@gmail.com>
Message-ID: <cac456fe-6385-4afb-913e-e730f68439d8@gmail.com>
Date: Sat, 16 Mar 2024 08:51:55 -0300
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: HTTP Working Group <ietf-http-wg@w3.org>
From: "Soni L." <fakedme+http@gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: could we have some sort of Is-Autonomous header?
Archived-At: <https://www.w3.org/mid/cac456fe-6385-4afb-913e-e730f68439d8@gmail.com>

hello!

one of the issues with fediverse is how each instance caches other 
instances' posts, but when you copy the link to a post it gives you a 
link to your own instance. this link then either does a redirect (which 
is dangerous and mastodon is deprecating it), shows an interstitial (new 
versions of mastodon do this), or shows the cached content (most other 
instances do this).

doing a redirect is bad because it paves the way for certain kinds of 
phishing attacks. but it preserves the original opengraph metadata, 
allowing for seamless link previews.

an interstitial is great because it reduces the chances of those 
phishing attacks. but it breaks the opengraph metadata, so you don't get 
link previews.

the third case we don't talk about because it's not really relevant to 
this post. (except minimally it is, more on that in a bit.)

so the Is-Autonomous header would ideally be set by link preview systems 
and not by anyone else (explicitly not by browsers). when a server sees 
Is-Autonomous, it could change its behaviour in any of the following ways:

- instead of showing an interstitial, it could do a redirect.
- instead of rendering an entire regular page template, it could render 
just the opengraph metadata.
- it could reject the request altogether.

the first 2 of these are great incentives to use the Is-Autonomous 
header: the first one makes link previews work, and the second one saves 
bandwidth both on the server and on the link preview system. we believe 
these benefits outweigh the drawback of the third for anyone interested 
in deploying this.

but enough with what we believe, what does the http wg think?
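
The three server behaviours listed in the message, as an added sketch that is not code from the post or from Mastodon. The `?1` header value, the function names, the `policy` parameter and the sample post are assumptions made for illustration. Because the response now depends on a request header, the sketch also sends `Vary: Is-Autonomous` so a shared cache does not hand the redirect to a browser.

```python
from html import escape

# Constructed sample of a cached remote post (not real data).
SAMPLE_POST = {
    "origin_url": "https://remote.example/@alice/1",
    "title": 'alice: "hi" <fedi>',
    "description": "a cached remote post",
}

def is_autonomous(headers):
    """True if the request carries the proposed header ("?1" is an assumed syntax)."""
    lowered = {k.lower(): v.strip() for k, v in headers.items()}
    return lowered.get("is-autonomous") == "?1"

def og_only(post):
    """Render only the OpenGraph metadata, HTML-escaping every remote value."""
    tags = [("og:url", post["origin_url"]),
            ("og:title", post["title"]),
            ("og:description", post["description"])]
    metas = "".join('<meta property="%s" content="%s">' % (p, escape(c, quote=True))
                    for p, c in tags)
    return "<!doctype html><html><head>%s</head></html>" % metas

def respond(headers, post, policy="redirect"):
    """Return (status, response_headers, body) for a link to a cached remote post.

    policy applies only to autonomous clients: 'redirect', 'metadata' or 'reject'.
    """
    # The answer differs by request header, so caches must key on it.
    out = {"Vary": "Is-Autonomous"}
    if not is_autonomous(headers):
        # Browsers and every other client keep getting the interstitial.
        url = escape(post["origin_url"], quote=True)
        out["Content-Type"] = "text/html; charset=utf-8"
        body = ('<!doctype html><p>This post lives on another server: '
                '<a href="%s">%s</a></p>' % (url, url))
        return 200, out, body
    if policy == "reject":
        return 403, out, ""
    if policy == "redirect":
        out["Location"] = post["origin_url"]
        return 302, out, ""
    out["Content-Type"] = "text/html; charset=utf-8"
    return 200, out, og_only(post)
```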