Re: Considering RFC7725bis from Ben Schwartz on 2020-11-12 (ietf-http-wg@w3.org from October to December 2020)

From: Ben Schwartz <bemasc@google.com>
Date: Thu, 12 Nov 2020 11:23:52 -0500
To: Roberto Polli <robipolli@gmail.com>
Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>, Tommy Pauly <tpauly@apple.com>, Tim Bray <tbray@textuality.com>, shivankaulsahib@gmail.com
Message-ID: <CAHbrMsBBqss0DrpvZXHPt3_oY4RG9N6urweSEtQOsci8F4JKYQ@mail.gmail.com>

I'm supportive and able to contribute text.  I also agree that some
additions and adjustments to the metadata in the current draft will be
needed.

Regarding a CfA, I would appreciate hearing from anyone who is interested
in publishing this additional metadata if it is defined.  If we don't have
clear interest on the server side, I don't think it's worth revising RFC
7725.

On Thu, Nov 12, 2020 at 10:42 AM Roberto Polli <robipolli@gmail.com> wrote:

> Hi everybody,
>
> I agree with the idea of 7725bis.
>
> Probably some Security considerations are needed (eg.  resolving links
> to blocking-authorities may disclose the client data,  ...)
>
> My 2¢,
> R.
>
> Il giorno mer 11 nov 2020 alle ore 22:44 Mark Nottingham
> <mnot@mnot.net> ha scritto:
> >
> > WG participants,
> >
> > RFC7725, "An HTTP Status Code to Report Legal Obstacles" has seen some
> deployment in the ~4 years since its publication, including by some
> platforms who use it to indicate that various legal demands have been made
> of them.
> >
> > About two years later, we discussed adopting
> draft-sahib-251-new-protocol-elements. There wasn't substantial interest in
> the WG, but enough in the broader community for it to be AD-sponsored.
> >
> >   https://tools.ietf.org/html/draft-sahib-451-new-protocol-elements-03
> >
> > For whatever reason, it never got out of AD-sponsorship, and our current
> AD has asked what we'd like to do about it.
> >
> > Tommy and I believe that if this document is to proceed, it should be in
> the HTTP WG, not AD-sponsored. We're also inclined to think that if there's
> support, the best path forward would be to do a (relatively small) 7725bis;
> besides the issues that draft-sahib attempts to address, there's been some
> discussion of adjusting wording to make it clear that the status code is
> also useable when a request is refused for legal reasons in absence of an
> actual legal demand -- e.g., when the server wishes to serve the response,
> but believes that some legal obligation prevents them from doing so.
> >
> > Please discuss. If there seems to be support, we'll do a formal CfA
> (incorporating feedback already received).
> >
> > Cheers,
> >
> > Mark and Tommy
>
>

Attachments

application/pkcs7-signature attachment: S/MIME Cryptographic Signature

Received on Thursday, 12 November 2020 16:24:16 UTC