Sun Dec 20, 2015, 11:32 PM
Recursion (50,859 posts)
Internet standards body approves HTTP response code 451: "Unavailable for Legal Reasons"
Every web page is preceded by a three-digit response code that your browser interprets rather than displaying directly. You've probably seen the famous 404, "Resource not found", along with some others like 501 "Server error". Previously, legally censored content was generally served as 403, "Forbidden", but that doesn't distinguish between cases where the web server is enforcing a local security policy and cases where a government is enforcing a legal censorship policy. 451 allows that distinction now.
Mark Nottingham, the chair of the IETF committee that is responsible for HTTP, has a nice run down of the history of the campaign for this response code at his blog:
Tim Bray brought this draft to the HTTP Working Group some time ago, because he (and many others) thought it was important to highlight online censorship; the 403 status code says "Forbidden", but it doesn't say "I can't show you that for legal reasons." Hence, 451 (which is also a great tip of the hat to Ray Bradbury).
Initially, I and some others pushed back. HTTP status codes are a constrained name space; once we use everything from 400 to 499, for example, we're out of luck. Furthermore, while 451 met many of the guidelines for new status codes (such as being potentially applicable to any resource), there wasn't any obvious way for machines to use it -- i.e., this was something you could do in a header or the message body of a 403, so it didn't seem to justify expending a status code.
More importantly, we started to hear from members of the community that they wanted to be able to discover instances of censorship in an automated fashion. For example, Lumen (previously, Chilling Effects) and Article19 expressed interest in being able to spider the Web to look for the 451 status code, so they could catalogue censorship.
That's a use case that argues for machine-readable semantics. While this could have been done with a HTTP header on a 403, 451 had already started to get traction, and it was felt that a status code was a more robust way to get the semantics across.
0 replies, 612 views