W3C home > Mailing lists > Public > public-tracking@w3.org > February 2012

Re: ACTION-110: Write proposal text for what it means to "not track" (ISSUE-119)

From: Nicholas Doty <npdoty@w3.org>
Date: Mon, 13 Feb 2012 13:09:54 -0800
Cc: Ninja Marnau <nmarnau@datenschutzzentrum.de>, "<public-tracking@w3.org> (public-tracking@w3.org)" <public-tracking@w3.org>
Message-Id: <7FF1C70D-F1CC-4A5C-8E79-59833108577B@w3.org>
To: "Roy T. Fielding" <fielding@gbiv.com>
Hi Roy,

On Feb 13, 2012, at 12:49 PM, Roy T. Fielding wrote:
> Please be aware that this would require Apache httpd to respond
> that it is always tracking, by default, regardless of how the
> underlying services are implemented.  Likewise for Squid, TrafficServer,
> haproxy, and all other HTTP servers that I am aware of.
> 
> If we can't find a definition that allows HTTP access logs and normal
> retention for fraud control, then let's give up.  I will not implement
> DNT if it can be used as a bypass for fraud and security controls.

As I believe Ninja noted, this is *not* intended as a set of requirements for compliance with a DNT header, just a meaningful and entirely optional description that a site can use if it absolutely isn't tracking.

If there is an alternate definition that could accommodate common httpd configurations and still communicate to the user that to a more complete level no tracking is occurring, it would be great to see that option.

Thanks,
Nick
Received on Monday, 13 February 2012 21:10:11 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 June 2013 10:11:25 UTC