Re: [451] #80: Distinguishing intermediaries from origins

> On 24 Aug 2015, at 4:27 pm, Poul-Henning Kamp <> wrote:
> --------
> In message <>, Mark Nottingham wri
> tes:
>> <>
>> [...]
>> 1. Specify that 451 is for origin server use only; if the network 
>> censors something and is allowed to state that this is happening, it'll 
>> need to use a different (possibly defined in the future) status code.
>> 2. Specify a second status code (452?) to indicate that the network is 
>> doing the censoring.
> Defining "the network" in a context like this is nailing gruel to a wall.
> Is a CDN an origin server or "the network" ?
> What if some of the CDN nodes must conform to different laws than
> the rest due to legal reasons relating to $whatever ?
> Is a web-hosting provider with an Acceptable Use Policy an origin
> server or "the network" in this context ?
> More fundamentally, I fail to see where the semantic difference
> between 451 and 452 would ever matter enough to justify a distinction.
> And worse:  I can see a lot of perverse incentives to use the wrong
> one to deflect blame, making the distinction useless in practice.
> I'd prefer we stick with just 451.

It's not that hard. if you're the origin server as per HTTP (i.e., your hostname shows up in the URL) — whether it's a CDN or not — you're the origin. Otherwise, you're not.

One way to do #3 would be to require / request that the host generating the status code put its name in a header; that would help disambiguate (as long as the origin name was used, and not a deployment name).


Mark Nottingham

Received on Monday, 24 August 2015 06:31:54 UTC