- From: Krzysztof Jurewicz <krzysztof.jurewicz@gmail.com>
- Date: Fri, 18 Sep 2015 15:47:50 +0200
- To: ietf-http-wg@w3.org
In the discussion about 451 status code proposal, one fact has probably not been emphasized enough: that the 4xx code family “is intended for cases in which the client seems to have erred”. This is however often not the case, as there may be no means for the client to fix the request. Therefore we may want to distinguish between two cases: ⒈ Legal conditions are not met, but the client can do something to satisfy them. (4xx code). ⒉ The resource is unavailable for legal reasons and the client can do nothing to fix this. (5xx code). The codes could be defined as follows: 4XX Legal Requirements Unmet The 4XX (Legal Requirements Unmet) status code indicates that the server understood the request, but is refusing to fulfill it due to legal requirements not met by the client. The server SHOULD describe means by which the client can satisfy those requirements. If there are no such means, the 5XX (Unavailable For Legal Reasons) status code SHOULD be used instead. 5XX Unavailable For Legal Reasons The 5XX (Unavailable For Legal Reasons) status code indicates that the server understood the request, but is refusing to fulfill it due to legal reasons. If there is a known time after which the legal issues are possible to be fixed, the server MAY indicate it in a Retry-After header. If there are means by which the client itself can fix the issue, the 4XX (Legal Requirements Unmet) status code MAY be used instead. A bunch of examples: ⓐ The law permits the resource to be viewed by adults only (5XX Unavailable For Legal Reasons). ⓑ The law permits the resource to be viewed by adults only or by minors which send a request cryptographically signed by their mother (4XX Legal Requirements Unmet). ⓒ The server owner wishes this resource to be viewed by adults only (403 Forbidden). ⓓ The ISP has an agreement with parents that their children may not view certain content (403 Forbidden). ⓔ The resource contains adult material with a performer which is legally obliged to prove to the server owner that he is adult himself (5XX Unavailable For Legal Reasons). ⓕ The user needs to submit his ID card scan before performing the request, due to KYC law (4XX Legal Requirements Unmet). ⓖ A government permission is required to perform the request (4XX Legal Requirements Unmet). ⓗ There is a government investigation or trial ongoing which prohibits the request from being served (5XX Unavailable For Legal Reasons). ⓘ The resource is blacklisted by the government (5XX Unavailable For Legal Reasons). ⓙ The server has not acquired a license allowing it to serve the request (5XX Unavailable For Legal Reasons). ⓚ The request has to contain a proof that it is performed from the country of Ruritania (4XX Legal Requirements Unmet). ⓛ The request is forbidden to be performed from the country of Ruritania, but may be performed abroad (4XX Legal Requirements Unmet or 5XX Unavailable For Legal Reasons). ⓜ The request may not be performed by the citizens of Ruritania (5XX Unavailable For Legal Reasons). ⓛ The server acts as a proxy to another server which has not met some legal requirements (5XX Unavailable For Legal Reasons). What do you think? While it can be argued that 4XX Legal Requirements Unmet status code is somewhat similar to 403 Forbidden, it is hard to find a counterpart for 5XX Unavailable For Legal Reasons in the 5xx range. Krzysztof Jurewicz
Received on Friday, 18 September 2015 13:48:25 UTC