Re: Reviving discussion on error code 451


On 1/8/15 8:19 AM, Benjamin Carlyle wrote:
> On 2 Jan 2015 07:45, "Tim Bray" <
> <>> wrote:
> > On Fri, Dec 19, 2014 at 6:07 AM, <
> <>> wrote:
> >>
> >> Proposal (another one properly generalized)
> >> -------------------------------------------------
> >>
> >>  451 Forbidden by a third party human authority
> >
> > ​Clever, but it doesn’t meet the service providers’ needs.  They are
> OK with mentioning that they got a legal demand, but they don’t want
> to admit formally that they have been “forbidden” because that would
> weaken their legal position if they decide to contest the demand.​
> I'm not sure it is necessary to call out policy or law in the
> description of this response.
> 451 Forbidden by intermediary
> The origin server MAY permit the request but an intermediary server
> refused the request.
> ... preferably with a populated via header that ends in the
> intermediary that forbids the request, or some other identifying
> information for the intermediary.

I think "Forbidden" is the very word that Tim is objecting to, and
introducing intermediaries into this seems to be missing the point. 
It's NOT that intermediaries are forbidding anything but that someone
somewhere has told the site owner that material should not be made

> The implication to be made implicitly or explicitly is that another
> communication path may not refuse the request. In an office
> environment this might mean that an employee may seek to access the
> content at home.

That implication is already there.

> The key point intended in the response I think is to differentiate
> between a request being refused by the owner of the resource or being
> refused by an owner of the communication path. Stronger language than
> that could be seen to be offering some kind of legal or policy advice.
> If the intermediary does want to provide such advice it surely could
> do so in the response body.

Indicating is responding to a legal demand to me doesn't seem to be
advice to anyone, but rather an explanation, and the briefest one at that.

Let's also disentangle this just a bit.  There are two different issues:

  * Some legal demand, as Tim points out (like a DMCA takedown notice,
    or a government ordering a site to take down content); or
  * an intermediary network refusing to serve content, perhaps because
    the network owner has a policy against certain content, but this
    would have nothing to do with anything regarding legality.

These are distinct.  Do they need separate error codes?


Received on Thursday, 8 January 2015 09:33:51 UTC