Network Working Group S. Sahib
Internet-Draft July 16, 2018
Intended status: Informational
Expires: January 17, 2019
New protocol elements for HTTP Status Code 451
draft-sahib-451-new-protocol-elements-02
Abstract
This document recommends additional protocol elements to Hypertext
Transfer Protocol (HTTP) status code 451 (defined by RFC7725).
Discussion of this document was conducted on the Human Rights
Protocol Considerations Research Group mailing list
https://www.irtf.org/mailman/listinfo/hrpc [1], briefly on the
HTTPBIS Working Group mailing list ietf-http-wg@w3.org [2] and on
https://lists.ghserv.net/mailman/listinfo/statuscode451 [3].
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 17, 2019.
Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
Sahib Expires January 17, 2019 [Page 1]
Internet-Draft New elements for HTTP 451 July 2018
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. New Protocol Elements . . . . . . . . . . . . . . . . . . . . 2
2.1. Blocking Authority . . . . . . . . . . . . . . . . . . . 2
2.2. Geographical Scope of Block . . . . . . . . . . . . . . . 3
3. Security Considerations . . . . . . . . . . . . . . . . . . . 3
4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 3
Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 3
6. References . . . . . . . . . . . . . . . . . . . . . . . . . 4
6.1. Normative References . . . . . . . . . . . . . . . . . . 4
6.2. Informative References . . . . . . . . . . . . . . . . . 4
6.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 5
1. Introduction
[RFC7725] was standardized by the IETF in February 2016. It defined
HTTP status code 451 - to be used when "a server operator has
received a legal demand to deny access to a resource or to a set of
resources".
This document attempts to outline protocol recommendations that would
help make the status code more useful to users.
2. New Protocol Elements
2.1. Blocking Authority
In addition to the "blocked-by" header specified in [RFC7725], an
HTTP response with status code 451 would benefit from including
another "Link" HTTP header field [RFC5988] which has a "rel"
parameter whose value is "blocking-authority". It's important to
distinguish between the implementer of the block, and the authority
that mandated the block in the first place. This is because these
two organizations might not be the same - a government (the blocking
authority) could force an Internet Service Provider (the implementer
of the block) to deny access to a certain resource. There is
confusion amongst implementors of [RFC7725] about the meaning of the
term "blocked-by", perhaps in part because of the example given in
the RFC [ERRATA_ID-5181] - it would be useful to explicitly include
space for both, as both provide essential information about the legal
block.
Sahib Expires January 17, 2019 [Page 2]
Internet-Draft New elements for HTTP 451 July 2018
2.2. Geographical Scope of Block
HTTP status code 451 is increasingly being used to deny access to
resources based on geographical IP. The response should contain a
provisional header with geographical scope of block. This scope
should correspond to comma-separated list of alpha-2 country codes
defined in [ISO.3166-1]. The rationale for keeping the geographical
scope to country-level granularity is that most blocks are mandated
by national governments [IMPL_REPORT],
[AUTOMATTIC_COUNTRY_BLOCK_LIST]. In addition, as the serving of this
status code is voluntary, there is value in not complicating the
specification.
3. Security Considerations
This document does not add additional security considerations to
[RFC7725].
4. IANA Considerations
The Link Relation Type Registry should be updated with the following
entry:
- Relation Name: blocking-authority
- Description: Identifies the authority that has issued the block.
- Reference: this document
In addition, IANA should be updated with the following provisional
header:
- Header field name: geo-scope-block
- Applicable protocol: http
- Status: provisional
- Specification document(s): this document
Acknowledgements
Thanks to Alp Toker, Christine Runnegar, Niels ten Oever, Stephane
Bortzmeyer, Corinne Cath and many others on the HRPC mailing list
(linked above) for reviewing and brainstorming.
Sahib Expires January 17, 2019 [Page 3]
Internet-Draft New elements for HTTP 451 July 2018
6. References
6.1. Normative References
[ERRATA_ID-5181]
Bortzmeyer, S., "[Technical Errata Reported] RFC7725
(5181)", 2017,
<https://www.rfc-editor.org/errata/eid5181>.
[ISO.3166-1]
International Organization for Standardization, "Codes for
the representation of names of countries and their
subdivisions - Part 1: Country code", ISO Standard 3166-
1:1997 , 1997.
[RFC2277] Alvestrand, H., "IETF Policy on Character Sets and
Languages", BCP 18, RFC 2277, DOI 10.17487/RFC2277,
January 1998, <https://www.rfc-editor.org/info/rfc2277>.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66,
RFC 3986, DOI 10.17487/RFC3986, January 2005,
<https://www.rfc-editor.org/info/rfc3986>.
[RFC5988] Nottingham, M., "Web Linking", RFC 5988,
DOI 10.17487/RFC5988, October 2010,
<https://www.rfc-editor.org/info/rfc5988>.
[RFC7725] Bray, T., "An HTTP Status Code to Report Legal Obstacles",
RFC 7725, DOI 10.17487/RFC7725, February 2016,
<https://www.rfc-editor.org/info/rfc7725>.
[RFC8280] ten Oever, N. and C. Cath, "Research into Human Rights
Protocol Considerations", RFC 8280, DOI 10.17487/RFC8280,
October 2017, <https://www.rfc-editor.org/info/rfc8280>.
[RFC8288] Nottingham, M., "Web Linking", RFC 8288,
DOI 10.17487/RFC8288, October 2017,
<https://www.rfc-editor.org/info/rfc8288>.
6.2. Informative References
[AUTOMATTIC_COUNTRY_BLOCK_LIST]
"Automattic - Country Block List", 2018,
<https://transparency.automattic.com/country-block-list/>.
Sahib Expires January 17, 2019 [Page 4]
Internet-Draft New elements for HTTP 451 July 2018
[IMPL_REPORT]
Abraham, S., Canales, MP., Hall, J., Khrustaleva, O., ten
Oever, N., Runnegar, C., and S. Sahib, "Implementation
Report for HTTP Status Code 451", 2017,
<https://tools.ietf.org/html/draft-451-imp-report-00>.
6.3. URIs
[1] https://www.irtf.org/mailman/listinfo/hrpc
[2] mailto:ietf-http-wg@w3.org
[3] https://lists.ghserv.net/mailman/listinfo/statuscode451
Author's Address
Shivan Kaul Sahib
EMail: shivankaulsahib@gmail.com
Sahib Expires January 17, 2019 [Page 5]
