- From: Roy T. Fielding <fielding@gbiv.com>
- Date: Wed, 8 Feb 2012 09:50:49 -0800
- To: Rigo Wenning <rigo@w3.org>
- Cc: public-tracking@w3.org, David Singer <singer@apple.com>
On Feb 8, 2012, at 6:16 AM, Rigo Wenning wrote: > On Tuesday 07 February 2012 18:13:11 Roy T. Fielding wrote: >> In the entire history of HTTP, the only other protocols that defined a >> response header to indicated compliance were MIME-version (ignored), >> DAV (ignored), PICS (failed), and P3P (ignored). I don't understand why >> this WG needs to make the same mistake. > > Roy, > > no response header, no consent recording(legally). It's as simple as that. And > P3P did not have a response header as the protocol was just 180 degree > opposite of the DNT protocol. I had three separate discussions with EU and UK regulators. None of them suggested that a response header is necessary. What is necessary is specific and prior consent. > Given that there will be no consent-recording, a SHOULD may be enough. But the > Specification MUST give clear information about why the response header is > needed to avoid the misunderstanding above. If you can write that up as a paragraph with a link to the applicable law, then that would be great. ....Roy
Received on Wednesday, 8 February 2012 17:55:44 UTC