ietf
[Top] [All Lists]

Re: Last Call: <draft-nottingham-safe-hint-05.txt> (The "safe" HTTP Preference) to Proposed Standard

2014-10-27 18:51:54
On Oct 27, 2014, at 4:45 PM, Brian E Carpenter 
<brian(_dot_)e(_dot_)carpenter(_at_)gmail(_dot_)com> wrote:

On 28/10/2014 12:13, Paul Hoffman wrote:
On Oct 27, 2014, at 3:54 PM, Brian E Carpenter 
<brian(_dot_)e(_dot_)carpenter(_at_)gmail(_dot_)com> wrote:
On 28/10/2014 06:57, John Levine wrote:
As it is the meaning of a safe hint is to be intuited by the recipient.
Yes.  That's not a bug.

I don't understand the point of hypothetical arguments about whether a
safe flag might be useful.  We already know the answer: Many of the
largest web services in the world already have one.  Youtube puts
theirs right on the home page.
John, I don't think the argument is about whether it will work technically
or whether it will be used. The argument is about whether this is something
that the IETF should endorse as a Proposed Standard, which implies that
we think it will be effective.

Just to be clear: are you saying that you believe that those large web 
properties already doing this has *not* been effective? I have to believe 
that they have spent more time than us measuring that, and that they came to 
the conclusion that it was continuing to be effective.

No. I mean that a badly motivated web site can pretend to offer safe material
using this but actually offer objectionable material (for whatever definition
of safe or objectionable you care to adopt). For example a site being used
to "groom" innocent victims could pretend that all its content was safe.
This would actually make the site much more dangerous than before, because
of the illusion of safety.

And you believe that the sites using this feature now have not thought of that, 
yes? I'm trying to figure out why you think that your analysis of the problem 
is probably more correct than that of the large sites that have implemented it 
already.

--Paul Hoffman

<Prev in Thread] Current Thread [Next in Thread>