Re: Introducing a new HTTP response header for Carbon Emissions calculation

Hi Bertrand,

Section 4 states in part "use of the "Carbon-Emissions-Scope-2" header
field does not introduce any new security risks". That is clearly
incorrect. Exposing this data provides information to would-be attackers
who are interested in increasing costs for the origin and/or increasing
carbon emissions.

On Tue, Apr 11, 2023 at 6:25 AM Bertrand Martin <bertrand@sentrysoftware.com>
wrote:

> Hi, (newbie here)
>
> I submitted a new I-D to define a simple HTTP response header field with
> the amount of CO2-eq in grams emitted by the processing of the request and
> the production of the response:
> https://datatracker.ietf.org/doc/draft-martin-http-carbon-emissions-scope-2/
>
> Example:
> Carbon-Emissions-Scope-2: 0.0000456
>
> The goal:
> If HTTP servers are able to calculate or estimate this value, it will
> allow clients and applications to assess their Scope 3 carbon emissions. It
> is critical that we define a standard header for reporting this metric to
> help organizations assess the carbon emissions associated to the
> consumption of external services, SaaS, or even a Web site, a Google
> search, a ChatGPT response, etc.
>
> Note: We're talking about Scope-2 emissions only (i.e. associated to the
> electricity consumed while performing the service), because you only need
> to take into account the Scope-2 emissions of your suppliers when you
> estimate your own Scope-3 emissions. See
> https://www.iso.org/standard/66453.html  and
> https://ghgprotocol.org/sites/default/files/standards_supporting/FAQ.pdf
> for more information on Scope 1, 2 and 3.
>
> Any chance this would be looked at by the HTTPbis WG? I believe this could
> transform the industry in how it handles carbon emissions.
>
> Thank you!
>
> Bertrand Martin
> sentrysoftware.com
>
>
>
>