The "safe" HTTP Preference
RFC 8674

Approval announcement
Draft of message to be sent after approval:

From: The IESG <>
To: IETF-Announce <>
Cc: RFC Editor <>
Subject: Protocol Action: 'The "safe" HTTP Preference' to Proposed Standard (draft-nottingham-safe-hint-05.txt)

The IESG has approved the following document:
- 'The "safe" HTTP Preference'
  (draft-nottingham-safe-hint-05.txt) as Proposed Standard

This document is the product of the Applications Area Working Group.

The IESG contact persons are Barry Leiba and Pete Resnick.

A URL of this Internet Draft is:

Technical Summary

Many Web sites have a "safe" mode, to assist those who don't want to
be exposed (or have their children exposed) to "objectionable"
content.   This specification defines how to declare this desire in requests
as an HTTP Preference.

Review and Consensus

The document itself is fairly straightforward.  It has withstood mulitple attempts by
participants to make the “safe” request multi-valued or otherwise something stronger
than a simple Boolean request flag.  There has also been some spirited discussion
about whether this should be done at all.  See discussion on the apps-discuss list,
and then on the IETF discussion list during last call.

In the end, the responsible AD thinks there is rough consensus to proceed, but the
consensus is, indeed rough.  The main point of roughness involves whether the
meaning of "safe" is sufficient for this to be useful.  There's operational evidence
that it is, but there are significant and warranted concerns about situations where
the user and the server disagree on the meaning enough to make the setting
problematic in those situations.

The second point of roughness is whether wide use of the bit on clients, or forced
use by proxies or censorship filters could be used for ill.  The responsible AD
believes this has been settled, but only by lack of support for the position.


Murray Kucherawy is the document shepherd.
Barry Leiba is the responsible Area Director.