IETF Logo Mail Archive

Re: Last Call: <draft-nottingham-safe-hint-05.txt> (The "safe" HTTP Preference) to Proposed Standard

joel jaeggli <joelja@bogus.com> Fri, 14 November 2014 21:08 UTC

Return-Path: <joelja@bogus.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 457101ACD44 for <ietf@ietfa.amsl.com>; Fri, 14 Nov 2014 13:08:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.494
X-Spam-Level:
X-Spam-Status: No, score=-2.494 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.594] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RX6nrUxigUjO for <ietf@ietfa.amsl.com>; Fri, 14 Nov 2014 13:08:18 -0800 (PST)
Received: from nagasaki.bogus.com (nagasaki.bogus.com [IPv6:2001:418:1::81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4F1EC1ACCFE for <ietf@ietf.org>; Fri, 14 Nov 2014 13:07:54 -0800 (PST)
Received: from dhcp-bbb3.meeting.ietf.org (dhcp-bbb3.meeting.ietf.org [31.133.187.179]) (authenticated bits=0) by nagasaki.bogus.com (8.14.9/8.14.9) with ESMTP id sAEL7YUr030169 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Fri, 14 Nov 2014 21:07:35 GMT (envelope-from joelja@bogus.com)
Message-ID: <54666F13.3050406@bogus.com>
Date: Fri, 14 Nov 2014 11:07:31 -1000
From: joel jaeggli <joelja@bogus.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:33.0) Gecko/20100101 Thunderbird/33.0
MIME-Version: 1.0
To: Eliot Lear <lear@cisco.com>, Joseph Lorenzo Hall <joe@cdt.org>, ietf@ietf.org
Subject: Re: Last Call: <draft-nottingham-safe-hint-05.txt> (The "safe" HTTP Preference) to Proposed Standard
References: <20141021213356.16262.50640.idtracker@ietfa.amsl.com> <54494E98.4070002@cs.tcd.ie> <5464E809.2080507@cdt.org> <54666D57.9050209@cisco.com>
In-Reply-To: <54666D57.9050209@cisco.com>
Content-Type: multipart/signed; micalg="pgp-sha1"; protocol="application/pgp-signature"; boundary="E60GimjHD6GfUpOW90G9ITsj9OTRWmHaq"
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/VkohWM2pnx_OIuUpDDEW9RsorGI
Cc: draft-nottingham-safe-hint@tools.ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Nov 2014 21:08:20 -0000

On 11/14/14 11:00 AM, Eliot Lear wrote:
> Hi Joe,
> 
> On 11/13/14, 7:19 AM, Joseph Lorenzo Hall wrote:
>>
>> Hi, mnot has already heard the following concerns from us at CDT about
>> this spec, but we want to make sure that these are part of the IETF
>> last call comment record.
>>
>> * The "Safe" preference is not only a preference but a signal.  It
>>   signals user vulnerability; when activated, the header would signal
>>   a user's potentially vulnerable status not only to site operators
>>   who intend to reply in good faith, but to those that will operate in
>>   bad faith and also to every intermediary on-path that could read the
>>   preference request.
> 
> While it could be the case that a user is vulnerable (a term that is a
> bit vague), it is also the case that many other users might choose to
> not want to receive content that is considered in some way "unsafe". 
> One could even imagine "Safe" becoming a default setting.

Hi, I'm a browser, and I'd like to receive only harmonious content.


> Eliot
>

v2.23.0 | Report a Bug | By Email