W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2015

Re: Reviving discussion on error code 451

From: David Morris <dwm@xpasc.com>
Date: Thu, 8 Jan 2015 08:04:06 -0800 (PST)
To: "'HTTP Working Group'" <ietf-http-wg@w3.org>
cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <alpine.LRH.2.01.1501080800360.11342@egate.xpasc.com>

I still like:

  451 Forbidden for Policy Reasons

but if 'Forbidden' is a concern then either
  451 Blocked for Policy Reasons
or
  451 Access Blocked for Policy Reasons

Any of these choices indicates access not allowed
for reasons other than the wishes of the content
owner.

On Thu, 8 Jan 2015, Eliot Lear wrote:

> Hi,
>
> On 1/8/15 8:19 AM, Benjamin Carlyle wrote:
>
>
>       On 2 Jan 2015 07:45, "Tim Bray" <tbray@textuality.com> wrote:
>       > On Fri, Dec 19, 2014 at 6:07 AM, <nicolas.mailhot@laposte.net>
>       wrote:
>       >>
>       >> Proposal (another one properly generalized)
>       >> -------------------------------------------------
>       >>
>       >>  451 Forbidden by a third party human authority
>       >
>       > ?Clever, but it doesn?t meet the service providers? needs.  They are OK
>       with mentioning that they got a legal demand, but they don?t want to
>       admit formally that they have been ?forbidden? because that would weaken
>       their legal position if they decide to contest the demand.?
>
>       I'm not sure it is necessary to call out policy or law in the
>       description of this response.
>
>       451 Forbidden by intermediary
>       The origin server MAY permit the request but an intermediary server
>       refused the request.
>       ... preferably with a populated via header that ends in the
>       intermediary that forbids the request, or some other identifying
>       information for the intermediary.
>
>
> I think "Forbidden" is the very word that Tim is objecting to, and introducing
> intermediaries into this seems to be missing the point.  It's NOT that
> intermediaries are forbidding anything but that someone somewhere has told the
> site owner that material should not be made available.
>
>       The implication to be made implicitly or explicitly is that another
>       communication path may not refuse the request. In an office
>       environment this might mean that an employee may seek to access the
>       content at home.
>
>
> That implication is already there.
>
>       The key point intended in the response I think is to differentiate
>       between a request being refused by the owner of the resource or
>       being refused by an owner of the communication path. Stronger
>       language than that could be seen to be offering some kind of legal
>       or policy advice. If the intermediary does want to provide such
>       advice it surely could do so in the response body.
>
>
> Indicating is responding to a legal demand to me doesn't seem to be advice to
> anyone, but rather an explanation, and the briefest one at that.
>
> Let's also disentangle this just a bit.  There are two different issues:
>  *  Some legal demand, as Tim points out (like a DMCA takedown notice, or a
>     government ordering a site to take down content); or
>  *  an intermediary network refusing to serve content, perhaps because the
>     network owner has a policy against certain content, but this would have
>     nothing to do with anything regarding legality.
>
> These are distinct.  Do they need separate error codes?
>
> Eliot
>
>
>
Received on Thursday, 8 January 2015 16:04:39 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:42 UTC