Re: [451] #80: Distinguishing intermediaries from origins from Mark Nottingham on 2015-08-27 (ietf-http-wg@w3.org from July to September 2015)

From: Mark Nottingham <mnot@mnot.net>
Date: Thu, 27 Aug 2015 11:41:22 +1000
To: Tim Bray <tbray@textuality.com>
Cc: Poul-Henning Kamp <phk@phk.freebsd.dk>, HTTP Working Group <ietf-http-wg@w3.org>, Wendy Seltzer <wseltzer@w3.org>, Niels ten Oever <niels@article19.org>, Daniel Kahn Gillmor <dkg@fifthhorseman.net>, Joseph Lorenzo Hall <joe@cdt.org>
Message-Id: <3BAC3764-4BD5-4783-BD50-F9361474FFF0@mnot.net>

> On 27 Aug 2015, at 1:07 am, Tim Bray <tbray@textuality.com> wrote:
> 
> On Tue, Aug 25, 2015 at 8:57 AM, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote:
> >BUT, it would be useful to know where the legal blockage is happening.
> 
> No argument there, but adding 452 doesn't aid that goal IMO.
> 
> I agree. I don't think 452 really adds any useful information, because I think “origin host” vs “other” distinction is not very interesting.

Well, we do have responses from people who intend to consume these status codes that such a distinction would be interesting to them. 

I do see your point though — if I'm being censored because I'm in Fooistan, and the content is available elsewhere, the place of application of the censorship (network vs. origin) doesn't seem like a primary concern (because in both cases, changing my network path may result in the content becoming available).

> I think it's useful to know who is censoring.

If we got ambitious, we could define a Censorship Reporting Format to describe who's doing the censorship, what it applies to, etc. and then Link: to that from the response. I don't think we're that ambitious here (and it's starting to sound out of scope for this WG).

So, I think what remains is "is there any dead-simple metadata we can put into the 451 response that will help people collecting information about censorship? If not, we should probably just ship it.

CC:ing in Wendy, Niels, Joe and DKG to see if they have any thoughts.

> >As for #2, this feels like a job for an HTTP header, say
> >'Blocker-for-legal-reasons'.  It should take a list value in the case that
> >there are multiple entities blocking a request, [...]
> 
> How would that ever happen ?  You get 451 back from the first censor
> who doesn't explore the full chain to see if anybody else are
> censoring ?
> 
> Hm... possibly right. Other opinions?
> 
> Again:  Have you asked any actual *censors* if they would be willing
> to fill out such a header ?
> 
> I'm pretty sure they would.  Lots of ISPs hate it when they are prevented from serving their customers properly.  Also, see the transparency reports published by all the big internet companies.

FWIW, I've been in contact with a few (quite sizeable) sites that say they'd use such a status code if it were standard.

I haven't yet had contact with ISPs that say that, but it's mostly because I haven't asked. Based on the current political climate in .au and .uk, I think at least ISPs in those places would use a status code if it were defined. Happy to try to get some feedback gathered if people think it'd help.

Cheers,

--
Mark Nottingham   https://www.mnot.net/

Received on Thursday, 27 August 2015 01:41:55 UTC