Re: Last Call: <draft-nottingham-safe-hint-05.txt> (The "safe" HTTP Preference) to Proposed Standard

[Andrew Newton <andy@hxr.us>]

On Thu, Oct 23, 2014 at 8:40 PM,  <ned+ietf@mauve.mrochek.com> wrote:
>> On Thu, Oct 23, 2014 at 7:51 PM, Mark Nottingham <mnot@mnot.net> wrote:
>> > Donald Eastlake said:
>> >
>> >> I believe it has many of the problems discussed in RFC 3675.
>> >
>> > Could you please be more specific? The analogy is not obvious, and that's a big RFC.
>
>> Consider the analogy between one bit of "safeness" and one top level
>> domain name for "adult" material.
>
> OK... So one is a visible label saying "unsafe material here", the other is a
> way to make a request saying "safe material preferred". At first glance these
> don't seem structurally similar at all.
>
> Issues with .xxx or whatever described in RFC 3675 include the cost of
> publishers of unsafe material switching labels, internationalization issues
> with the .xxx or whatever label itself, the stigma and/or legal repercussions
> of being labeled as being in the unsafe category, the explosion of surrounding
> TLD names and their associated semantics, and the ability of anyone
> to create an unsafe label pointing at someone else.
>
> None of these issues seem applicable to the safe-hint mechanism, mostly because
> it's a hint, not a label.

Another difference between .xxx and a safe hint is that there would or
could be an authority judging the content that does or does not go
under .xxx. With a safe hint, that distinction is drawn by the content
holder. I think a safe hint is a far more workable solution as there
would never be a universal agreement about what constitutes .xxx
material (as is stated by 3675).

>
> The privacy issue described in RFC 3675 would also appear to be avoided, at
> least up to the point where a sufficiently high number of requests use the safe
> hint that requests without it stand out. This probably should be mentioned,
> along with the opposite concern of knowing who wants safe material, but it's
> hardly a showstopper.

+1

>
> Really, the only issue in RFC 3675 that seems remotely relevant is that of
> disagreement over the definition of what meets the criteria - the case of the
> safe hint, what consistitutes "safe enough". And I suppose it's a concern that
> if you offer a safe mode you're implictly acknowledging that some of your
> material is "unsafe", but many web sites already have multiple areas and/or
> versions, so this is hardly anything new.

Perhaps this draft could have an informative reference to 3675 if
readers want to know more about the issues of what is and is not
"safe" content. But I don't see the issues discussed in 3675 as being
showstoppers for this. And given this draft is documenting an existing
practice, I support its adoption.

-andy