idnits 2.17.1 draft-451-new-protocol-elements-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (October 27, 2017) is 2372 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Missing Reference: 'TBD' is mentioned on line 138, but not defined Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 HTTP Working Group S. Sahib 3 Internet-Draft October 27, 2017 4 Intended status: Informational 5 Expires: April 30, 2018 7 New protocol elements for HTTP Status Code 451 8 draft-451-new-protocol-elements-01 10 Abstract 12 This draft recommends protocol updates to Hypertext Transfer Protocol 13 (HTTP) status code 451 (defined by RFC7725) based on an examination 14 of how the new status code is being used by parties involved in 15 denial of Internet resources because of legal demands. 17 Discussion of this draft is at https://www.irtf.org/mailman/listinfo/ 18 hrpc and https://lists.ghserv.net/mailman/listinfo/statuscode451. 20 Status of This Memo 22 This Internet-Draft is submitted in full conformance with the 23 provisions of BCP 78 and BCP 79. 25 Internet-Drafts are working documents of the Internet Engineering 26 Task Force (IETF). Note that other groups may also distribute 27 working documents as Internet-Drafts. The list of current Internet- 28 Drafts is at http://datatracker.ietf.org/drafts/current/. 30 Internet-Drafts are draft documents valid for a maximum of six months 31 and may be updated, replaced, or obsoleted by other documents at any 32 time. It is inappropriate to use Internet-Drafts as reference 33 material or to cite them other than as "work in progress." 35 This Internet-Draft will expire on April 30, 2018. 37 Copyright Notice 39 Copyright (c) 2017 IETF Trust and the persons identified as the 40 document authors. All rights reserved. 42 This document is subject to BCP 78 and the IETF Trust's Legal 43 Provisions Relating to IETF Documents 44 (http://trustee.ietf.org/license-info) in effect on the date of 45 publication of this document. Please review these documents 46 carefully, as they describe your rights and restrictions with respect 47 to this document. Code Components extracted from this document must 48 include Simplified BSD License text as described in Section 4.e of 49 the Trust Legal Provisions and are provided without warranty as 50 described in the Simplified BSD License. 52 Table of Contents 54 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 55 2. Requirements . . . . . . . . . . . . . . . . . . . . . . . . 2 56 3. Existing Protocol Elements . . . . . . . . . . . . . . . . . 2 57 4. Recommendations . . . . . . . . . . . . . . . . . . . . . . . 3 58 5. Security Considerations . . . . . . . . . . . . . . . . . . . 3 59 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 3 60 7. Normative References . . . . . . . . . . . . . . . . . . . . 4 61 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 4 63 1. Introduction 65 [RFC7725] was standardized by the IETF in February 2016. It defined 66 HTTP status code 451 - to be used when a "a server operator has 67 received a legal demand to deny access to a resource or to a set of 68 resources that includes the requested resource". The intention was 69 to provide a uniform mechanism to indicate online censorship. 71 Subsequently, an effort was made to investigate usage of 451 status 72 code and evaluate if it fulfills its mandate of providing 73 "transparency in circumstances where issues of law or public policy 74 affect server operations" [IMPL_REPORT_DRAFT]. This draft attempts 75 to explicate the protocol recommendations arising out of that 76 investigation. 78 2. Requirements 80 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 81 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 82 document are to be interpreted as described in [RFC2119]. 84 3. Existing Protocol Elements 86 The status code as standardized by the IETF specifies the following 87 elements [RFC7725] - 89 - A server can return status code 451 to indicate that it is denying 90 access to a resource or multiple resources on account of a legal 91 demand. 93 - Responses using the status code SHOULD include an explanation in 94 the response body of the details of the legal demand. 96 - Responses SHOULD include a "Link" HTTP header field [RFC8288] 97 whose value is a URI reference [RFC3986] identifying itself. The 98 "Link" header field MUST have a "rel" parameter whose value is 99 "blocked-by". The intent is that the header be used to identify 100 the entity actually implementing blockage, not any other entity 101 mandating it. 103 4. Recommendations 105 - In addition to the "blocked-by" header, an HTTP response with 106 status code 451 SHOULD include another "Link" HTTP header field 107 which has a "rel" parameter whose value is "blocking-authority". 108 It's important to distinguish between the implementer of the 109 block, and the authority that mandated the block in the first 110 place. This is because these two organizations might not be the 111 same - a government (the blocking authority) could force an 112 Internet Service Provider (the implementer of the block) to deny 113 access to a certain resource. 115 - HTTP status code 451 is increasingly being used to deny access to 116 resources based on geographical IP. The scope of this denial is 117 sometimes as finely scoped as a city or a province. The response 118 SHOULD contain a provisional header with geographical scope of 119 block. 121 5. Security Considerations 123 This document does not add additional security considerations to 124 [RFC7725]. 126 6. IANA Considerations 128 The Link Relation Type Registry should be updated with the following 129 entry [TBD]: 131 - Relation Name: blocking-authority 133 - Description: Identifies the authority that has issued the block. 135 - Reference: This document 137 In addition, IANA should be updated with the following provisional 138 header [TBD]: 140 - Header field name: geo-scope-block 142 - Applicable protocol: http 143 - Status: provisional 145 - Specification document(s): this document 147 7. Normative References 149 [IMPL_REPORT_DRAFT] 150 Abraham, S., Canales, MP., Hall, J., Khrustaleva, O., ten 151 Oever, N., Runnegar, C., and S. Sahib, "Implementation 152 Report for HTTP Status Code 451", 2017, 153 . 155 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 156 Requirement Levels", BCP 14, RFC 2119, 157 DOI 10.17487/RFC2119, March 1997, . 160 [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform 161 Resource Identifier (URI): Generic Syntax", STD 66, 162 RFC 3986, DOI 10.17487/RFC3986, January 2005, 163 . 165 [RFC7725] Bray, T., "An HTTP Status Code to Report Legal Obstacles", 166 RFC 7725, DOI 10.17487/RFC7725, February 2016, 167 . 169 [RFC8288] Nottingham, M., "Web Linking", RFC 8288, 170 DOI 10.17487/RFC8288, October 2017, . 173 Author's Address 175 Shivan Kaul Sahib 177 EMail: shivankaulsahib@gmail.com