IETF Logo Mail Archive

Re: Last Call: <draft-nottingham-safe-hint-05.txt> (The "safe" HTTP Preference) to Proposed Standard

ned+ietf@mauve.mrochek.com Fri, 24 October 2014 01:11 UTC

Return-Path: <ned+ietf@mauve.mrochek.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 124891AD61D for <ietf@ietfa.amsl.com>; Thu, 23 Oct 2014 18:11:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.912
X-Spam-Level:
X-Spam-Status: No, score=-1.912 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IN0vd5leEbXa for <ietf@ietfa.amsl.com>; Thu, 23 Oct 2014 18:11:27 -0700 (PDT)
Received: from mauve.mrochek.com (mauve.mrochek.com [66.159.242.17]) by ietfa.amsl.com (Postfix) with ESMTP id CBB991AD60E for <ietf@ietf.org>; Thu, 23 Oct 2014 18:11:27 -0700 (PDT)
Received: from dkim-sign.mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01PE3H459XYO002KS4@mauve.mrochek.com> for ietf@ietf.org; Thu, 23 Oct 2014 18:06:29 -0700 (PDT)
MIME-version: 1.0
Content-transfer-encoding: 7bit
Content-type: TEXT/PLAIN; CHARSET="us-ascii"
Received: from mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01PE3G6YIHXS0028JO@mauve.mrochek.com> (original mail from NED@mauve.mrochek.com) for ietf@ietf.org; Thu, 23 Oct 2014 18:06:22 -0700 (PDT)
From: ned+ietf@mauve.mrochek.com
Message-id: <01PE3H43DOP60028JO@mauve.mrochek.com>
Date: Thu, 23 Oct 2014 17:40:14 -0700
Subject: Re: Last Call: <draft-nottingham-safe-hint-05.txt> (The "safe" HTTP Preference) to Proposed Standard
In-reply-to: "Your message dated Thu, 23 Oct 2014 20:04:21 -0400" <CAF4+nEGcbZ=1ZrR+FEDWwrYXGxRaLTacd41Yfx5PM_PqbXvNNA@mail.gmail.com>
References: <CE7998F2-7A4B-4983-99B9-7D7C27B1E923@mnot.net> <CAF4+nEGcbZ=1ZrR+FEDWwrYXGxRaLTacd41Yfx5PM_PqbXvNNA@mail.gmail.com>
To: Donald Eastlake <d3e3e3@gmail.com>
X-Comment: Internal;probe=process-dkim-sign
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/1Gj-qZKu72MSucM259wn_BZ6isQ
Cc: Mark Nottingham <mnot@mnot.net>, IETF <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Oct 2014 01:11:35 -0000

> On Thu, Oct 23, 2014 at 7:51 PM, Mark Nottingham <mnot@mnot.net> wrote:
> > Donald Eastlake said:
> >
> >> I believe it has many of the problems discussed in RFC 3675.
> >
> > Could you please be more specific? The analogy is not obvious, and that's a big RFC.

> Consider the analogy between one bit of "safeness" and one top level
> domain name for "adult" material.

OK... So one is a visible label saying "unsafe material here", the other is a
way to make a request saying "safe material preferred". At first glance these
don't seem structurally similar at all.

Issues with .xxx or whatever described in RFC 3675 include the cost of
publishers of unsafe material switching labels, internationalization issues
with the .xxx or whatever label itself, the stigma and/or legal repercussions
of being labeled as being in the unsafe category, the explosion of surrounding
TLD names and their associated semantics, and the ability of anyone
to create an unsafe label pointing at someone else.

None of these issues seem applicable to the safe-hint mechanism, mostly because
it's a hint, not a label.

The privacy issue described in RFC 3675 would also appear to be avoided, at
least up to the point where a sufficiently high number of requests use the safe
hint that requests without it stand out. This probably should be mentioned,
along with the opposite concern of knowing who wants safe material, but it's
hardly a showstopper.

Really, the only issue in RFC 3675 that seems remotely relevant is that of
disagreement over the definition of what meets the criteria - the case of the
safe hint, what consistitutes "safe enough". And I suppose it's a concern that
if you offer a safe mode you're implictly acknowledging that some of your
material is "unsafe", but many web sites already have multiple areas and/or
versions, so this is hardly anything new.

The bottom line is as far as I'm concerned you're going to have be a lot more
specific about why RFC 3675 is relevant in this context, because I don't see
it.

				Ned

v2.23.0 | Report a Bug | By Email