W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2007

RE: [RFC] HTTP Information Request

From: Eric Lawrence <ericlaw@exchange.microsoft.com>
Date: Fri, 22 Jun 2007 03:20:12 -0700
To: Harhalakis Stefanos <v13@it.teithe.gr>, David Morris <dwm@xpasc.com>
CC: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Message-ID: <8301DE7F96C0074C8DA98484623D7E511587136A87@DF-MASTIFF-MSG.exchange.corp.microsoft.com>

In the IE4/IE5 timeframe, Internet Explorer had this feature-- it was called the Profile Assistant.  http://msdn2.microsoft.com/en-us/library/ms533032.aspx

As I understand it, the feature was never very popular.  From a technology perspective, I don't think the implementation (HTML attributes) had any problems that implementation at the HTTP-level would have resolved.

Eric Lawrence
Program Manager
Internet Explorer
Want to view and tamper with HTTP(S) traffic?
Try http://www.fiddler2.com


-----Original Message-----
From: ietf-http-wg-request@w3.org [mailto:ietf-http-wg-request@w3.org] On Behalf Of Harhalakis Stefanos
Sent: Friday, June 22, 2007 3:00 AM
To: David Morris
Cc: ietf-http-wg@w3.org
Subject: Re: [RFC] HTTP Information Request





On Friday 22 June 2007 00:37, David Morris wrote:
> There has been a concern in the past that too many benign details about a
> user could be come a unique signature identifing individuals when they
> don't expect to be identified. I worry much more about abuse of seemingly
> benign data than overt identifiers.

Consider this:

  You visit an on-line shop. You make your order and its time to fill your
address etc. A popup informs you that the site requests your name, address,
telephone, etc. You select that you want to sent your name and address but
not your telephone. Since all or part of the information submission must be
approved by the user, it cannot be abused. After all, logging in with a
username/password provides a far more easier to implement user tracking
oportunity.
Received on Friday, 22 June 2007 10:22:50 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:50:10 GMT