- From: Stefan Eissing <stefan.eissing@greenbytes.de>
- Date: Thu, 18 Dec 2014 13:28:20 +0100
- To: Willy Tarreau <w@1wt.eu>
- Cc: Eliot Lear <lear@cisco.com>, Bray Tim <tbray@textuality.com>, Yoav Nir <ynir.ietf@gmail.com>, Mark Nottingham <mnot@mnot.net>, Niels ten Oever <lists@digitaldissidents.org>, HTTP Working Group <ietf-http-wg@w3.org>
> Am 18.12.2014 um 12:33 schrieb Willy Tarreau <w@1wt.eu>: > > On Thu, Dec 18, 2014 at 12:09:25PM +0100, Stefan Eissing wrote: >> Proposal: >> ------------------------------------------------------------------- >> 451 Unavailable For Legal Reasons >> >> The 451 (Unavailable For Legal Reasons) status code indicates that >> the server understood the request but is unable to fulfill it due >> to legal reasons. Responses using this status code SHOULD include >> an explanation, in the response body, of the details of the legal >> restriction; which legal authority is imposing it, and what class >> of resources it applies to. For example: > > (...) >> I hope the description above makes it more clear that 451 would apply to >> retrievals. E.g. the first 2 of the 3 situations you describe. As with 403, I >> see no need to have differentiate situations 1+2. > > No. "unable to fulfull the request" does not imply retrieval, I'm sorry. No need to feel sorry for this. I think the status code is about retrieval and the draft should define that. If that is not clear, wording should be made clear. Feel free to contribute. > Also, I see a big difference between the two cases (server-side legal issues > or client-side legal issues), it's for caches. A cache should possibly cache > a server-side legal blocking while it must not cache the client-side one, > unless it's installed on the client-side and is concerned by the same > legal issue. Cacheablility of responses is defined in rfc7234 ch. 3 quite well. What do you think needs additionally be said? What mechanisms need to be added for this status code that are not already available? >> As to situation 3, something like 451 for uploads could be useful for sites >> like youtube or soundcloud, but I have not heard of any such expressed >> interest. My understanding how they operate is limited, but they seem >> to take in content and then post-process the upload by their content bots >> afterwards. >> >> Anyway, before proposing something without any clear use case, I would >> rather leave it out. > > But then the wording of the current one is too vague as it already overlaps > with this use case. How will they call it then ? "452 Unavailable For Legal > Reasons" ? "legal reasons" itself is vague enough to make it hard to add > new cases in the future. We've already had a mess with the understanding > of 301/302 requiring to add new codes such as 303/307/308 to clarify how > to process certain requests. Better be very clear in this one instead of > seeing 452..459 being allocated as replacements for 451 later to clarify > the intent and the reason for blocking. I think the 30x "mess" resulted mainly from the evolution of the use cases and the experiences gathered over the years. It would have been difficult to foresee all of them beforehand (some could have). Adding standard definitions without any implementation seems a waste of cycles. //Stefan <green/>bytes GmbH Hafenweg 16, 48155 Münster, Germany Phone: +49 251 2807760. Amtsgericht Münster: HRB5782
Received on Thursday, 18 December 2014 12:28:44 UTC