- From: Mark Nottingham <mnot@mnot.net>
- Date: Mon, 24 Aug 2015 16:31:20 +1000
- To: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>, Tim Bray <tbray@textuality.com>
> On 24 Aug 2015, at 4:27 pm, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote: > > -------- > In message <DB28B14A-5965-4822-8E47-3A91DEF9D87C@mnot.net>, Mark Nottingham wri > tes: > >> <https://github.com/httpwg/http-extensions/issues/80> >> [...] >> 1. Specify that 451 is for origin server use only; if the network >> censors something and is allowed to state that this is happening, it'll >> need to use a different (possibly defined in the future) status code. >> >> 2. Specify a second status code (452?) to indicate that the network is >> doing the censoring. > > Defining "the network" in a context like this is nailing gruel to a wall. > > Is a CDN an origin server or "the network" ? > > What if some of the CDN nodes must conform to different laws than > the rest due to legal reasons relating to $whatever ? > > Is a web-hosting provider with an Acceptable Use Policy an origin > server or "the network" in this context ? > > More fundamentally, I fail to see where the semantic difference > between 451 and 452 would ever matter enough to justify a distinction. > > And worse: I can see a lot of perverse incentives to use the wrong > one to deflect blame, making the distinction useless in practice. > > I'd prefer we stick with just 451. It's not that hard. if you're the origin server as per HTTP (i.e., your hostname shows up in the URL) — whether it's a CDN or not — you're the origin. Otherwise, you're not. One way to do #3 would be to require / request that the host generating the status code put its name in a header; that would help disambiguate (as long as the origin name was used, and not a deployment name). Cheers, -- Mark Nottingham https://www.mnot.net/
Received on Monday, 24 August 2015 06:31:54 UTC