Re: [451] #80: Distinguishing intermediaries from origins

> On 24 Aug 2015, at 4:53 pm, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote:
> 
> --------
> In message <1C63E7B4-B1F6-4F0E-A931-3119959ED7EC@mnot.net>, Mark Nottingham wri
> tes:
> 
>> It's not that hard. if you're the origin server as per HTTP (i.e., your 
>> hostname shows up in the URL) - whether it's a CDN or not -
>> you're the origin. Otherwise, you're not.
> 
> I think the (...) says the exact opposite of what you want:  Most
> servers have a single hostname which never appear in URLs, but
> serves many URL domains.

Yes, but they know what origin each request has, and whether or not they're acting as the origin.

> But inverting it "(i.e., the domainname in the URL points to your
> server)", to match what I think was your intent, isn't much better.
> 
> For instance captive gateways where wildcard DNS responses point
> everything to a proxy would become 451 rather than 452.

A captive portal knows it's a captive portal. Also, we already have a status code for what they do.

> It also leaves the webhosting company to send 451 for AUP reasons,
> even though they will disclaim any legal authority over the content
> they serve.

That's probably worth more discussion; DMCA comes to mind as well in this situation.


> As I said:  Nailing gruel to the wall.
> 
>> One way to do #3 would be to require / request that the host generating 
>> the status code put its name in a header; that would help disambiguate 
>> (as long as the origin name was used, and not a deployment name).
> 
> I doubt that would happen in reality, there are big incentives to lie.
> 
> Leave it at 451 and recommend that the body contains useful details.

It can (and hopefully will) regardless. The discussion here was to see whether it'd be useful to make the distinction clear for automated clients (e.g., Chilling Effects, robots); the response has been "yes, that would be useful."



--
Mark Nottingham   https://www.mnot.net/

Received on Monday, 24 August 2015 07:02:58 UTC