Re: Last Call: <draft-nottingham-safe-hint-05.txt> (The "safe" HTTP Preference) to Proposed Standard
2014-11-18 11:56:36On 11/18/14 9:44 AM, Eliot Lear wrote:
Hi Joe, On 11/18/14, 6:21 PM, Joseph Lorenzo Hall wrote:(Incidentally, if something outside the browser inserts this header it may be very difficult for the user to actually turn off, as well. I'm not sure if that's something you've thought about. In DNT, there are applications you can install that will insert that header for you on each request (AVG does this).)If that is detected (and it is easily detected by comparing against a TLS request), the content provider is not likely to make use of the safe bit. In fact the content provider is in a good position to warn the user that this sort of thing is going on.
The draft not only assumes that proxies should insert this on ones' behalf, but that such an activity is a normal course of events. Furthermore, a proxy (for example, at a school) can associate the preference with all (unencrypted) requests flowing through it, helping to assure that clients behind it are not exposed to "objectionable" content.
Eliot
signature.asc
Description: OpenPGP digital signature
| Previous by Date: | Re: Last Call: <draft-nottingham-safe-hint-05.txt> (The "safe" HTTP Preference) to Proposed Standard, Doug Barton |
|---|---|
| Next by Date: | Re: Last Call: <draft-nottingham-safe-hint-05.txt> (The "safe" HTTP Preference) to Proposed Standard, Joseph Lorenzo Hall |
| Previous by Thread: | Re: Last Call: <draft-nottingham-safe-hint-05.txt> (The "safe" HTTP Preference) to Proposed Standard, Eliot Lear |
| Next by Thread: | Re: Last Call: <draft-nottingham-safe-hint-05.txt> (The "safe" HTTP Preference) to Proposed Standard, Murray S. Kucherawy |
| Indexes: | [Date] [Thread] [Top] [All Lists] |