- From: Adrien de Croy <adrien@qbik.com>
- Date: Wed, 04 May 2011 10:39:41 +1200
- To: HTTP Working Group <ietf-http-wg@w3.org>
I think the cases where client-controlled suppression of logging will be useful are few and far between. In most cases, the user should not have authority to control logging function on an intermediary. Only if the intermediary explicitly allows such control (and I can't imagine any corporate sys admins turning such a feature on) could it be allowed by policy. It's also completely open to abuse (proxy advertises ok, it will do it, but then doesn't). I don't know if I buy the argument "at least we should try". This will just bloat http requests out with yet another bandwidth-wasting header. On 3/05/2011 6:41 p.m., Poul-Henning Kamp wrote: > In message<8B0A9FCBB9832F43971E38010638454F0404907213@SISPE7MB1.commscope.com> > , "Thomson, Martin" writes: >> On 2011-05-03 at 16:16:57, Willy Tarreau wrote: >> That was my initial thought too. Until I saw the description of no-transform, >> which almost all of those examples will have to respect...if they want >> to remain compliant. > This is the crux of the matter: How can you as a privacy-desiring user > know if they want to be compliant ? > > Squezing non-effective "please-protect-my-privacy" requests into HTTP > is not going to have any practical effect at all, so we should not do it. > -- Adrien de Croy - WinGate Proxy Server - http://www.wingate.com
Received on Tuesday, 3 May 2011 22:40:19 UTC