IETF Logo Mail Archive

Re: Last Call: <draft-nottingham-safe-hint-05.txt> (The "safe" HTTP Preference) to Proposed Standard

Yoav Nir <ynir.ietf@gmail.com> Fri, 14 November 2014 21:22 UTC

Return-Path: <ynir.ietf@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4925A1ACD85 for <ietf@ietfa.amsl.com>; Fri, 14 Nov 2014 13:22:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xHaEFt9eQz_T for <ietf@ietfa.amsl.com>; Fri, 14 Nov 2014 13:22:40 -0800 (PST)
Received: from mail-wg0-x233.google.com (mail-wg0-x233.google.com [IPv6:2a00:1450:400c:c00::233]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 545B71ACD84 for <ietf@ietf.org>; Fri, 14 Nov 2014 13:22:40 -0800 (PST)
Received: by mail-wg0-f51.google.com with SMTP id k14so1140083wgh.38 for <ietf@ietf.org>; Fri, 14 Nov 2014 13:22:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=BgvkQkzSobiPprxkYsVC1pL3TP1h6ldfWjkgcNMWoHw=; b=y5UBEu4nSfbSYdRr4vM6IuaKGg02/T9vWXvYJ1Xwpdj+DaOD0f9qIqgj74cdEC8zxs 4D88nH11qDIq4ZOIwoD9tEhoIc7XDYtu3fC8eI+i3e9M1UnQuIQxoi6zmJ3i9E0dsukv 63BgDejFGdPy5XBEXSTbvmNHcxB7LPp+2RtF+CXmuAYltooUMnJGxH8+NulPvv4WXo4Z 4O53weGlinHbSP6TfQiH/99pI2pPzLqTnaGDsLn1bMjB0HZViOarf7cTlFWjGm8OM9S+ YCl6hzc7sQxLnJWZ8OIKY7feiGkaRrK5WTL2noxe3IFhSvHZrhZWdVBm7HuJ+nnjD1WE NEMQ==
X-Received: by 10.194.60.45 with SMTP id e13mr17488481wjr.109.1416000159145; Fri, 14 Nov 2014 13:22:39 -0800 (PST)
Received: from t2001067c03700160fc78693ef116341b.wireless.v6.meeting.ietf.org (t2001067c03700160fc78693ef116341b.wireless.v6.meeting.ietf.org. [2001:67c:370:160:fc78:693e:f116:341b]) by mx.google.com with ESMTPSA id bj7sm41047175wjc.33.2014.11.14.13.22.36 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 14 Nov 2014 13:22:38 -0800 (PST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 8.0 \(1990.1\))
Subject: Re: Last Call: <draft-nottingham-safe-hint-05.txt> (The "safe" HTTP Preference) to Proposed Standard
From: Yoav Nir <ynir.ietf@gmail.com>
In-Reply-To: <54666F13.3050406@bogus.com>
Date: Fri, 14 Nov 2014 11:22:31 -1000
Content-Transfer-Encoding: quoted-printable
Message-Id: <A1C66E00-06D5-49DE-ABF7-87DAB8C32DB0@gmail.com>
References: <20141021213356.16262.50640.idtracker@ietfa.amsl.com> <54494E98.4070002@cs.tcd.ie> <5464E809.2080507@cdt.org> <54666D57.9050209@cisco.com> <54666F13.3050406@bogus.com>
To: joel jaeggli <joelja@bogus.com>
X-Mailer: Apple Mail (2.1990.1)
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/4Ysr8m7uT0Ja6fOhlRpzHwjsZis
Cc: draft-nottingham-safe-hint@tools.ietf.org, ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Nov 2014 21:22:42 -0000

> On Nov 14, 2014, at 11:07 AM, joel jaeggli <joelja@bogus.com> wrote:
> 
> On 11/14/14 11:00 AM, Eliot Lear wrote:
>> Hi Joe,
>> 
>> On 11/13/14, 7:19 AM, Joseph Lorenzo Hall wrote:
>>> 
>>> Hi, mnot has already heard the following concerns from us at CDT about
>>> this spec, but we want to make sure that these are part of the IETF
>>> last call comment record.
>>> 
>>> * The "Safe" preference is not only a preference but a signal.  It
>>>  signals user vulnerability; when activated, the header would signal
>>>  a user's potentially vulnerable status not only to site operators
>>>  who intend to reply in good faith, but to those that will operate in
>>>  bad faith and also to every intermediary on-path that could read the
>>>  preference request.
>> 
>> While it could be the case that a user is vulnerable (a term that is a
>> bit vague), it is also the case that many other users might choose to
>> not want to receive content that is considered in some way "unsafe". 
>> One could even imagine "Safe" becoming a default setting.
> 
> Hi, I'm a browser, and I'd like to receive only harmonious content.

Hi, browser, server here. Here’s some pictures of nudes. I guess this is OK with you because they are works of art created by 15th century ninja turtles.

v2.23.0 | Report a Bug | By Email