W3C home > Mailing lists > Public > public-tracking@w3.org > June 2012

Re: ACTION-211 Draft text on how user agents must obtain consent to turn on a DNT signal

From: Peter Cranstone <peter.cranstone@gmail.com>
Date: Wed, 13 Jun 2012 16:07:09 -0600
To: Kevin Smith <kevsmith@adobe.com>, Rigo Wenning <rigo@w3.org>, "public-tracking@w3.org" <public-tracking@w3.org>
CC: Shane Wiley <wileys@yahoo-inc.com>, Justin Brookman <justin@cdt.org>
Message-ID: <CBFE6ABA.32B5%peter.cranstone@gmail.com>

You're kidding right? DNT only requires you read the incoming header to
see if it's present. Now I have to do the browser UA sniff test and then
reject someone because even though the DNT flag is correct you don't like
that the OEM enabled it by default.

I can imagine Adobe adopting that on their Web site - Not.

Peter J. Cranstone

On 6/13/12 4:00 PM, "Kevin Smith" <kevsmith@adobe.com> wrote:

>It is the very fact that the server cannot know whether the setting was
>enabled by the user or the browser which makes the browser non-compliant.
>As such, the server communicates its inability to respond appropriately to
>the header back to the user to let them know that if they did initiate the
>intent, it will not be acknowledged unless they use a supported compliant
>browser to convey the intent.
>-----Original Message-----
>From: Rigo Wenning [mailto:rigo@w3.org]
>Sent: Wednesday, June 13, 2012 10:56 AM
>To: public-tracking@w3.org
>Cc: Shane Wiley; Peter Cranstone; Justin Brookman
>Subject: Re: ACTION-211 Draft text on how user agents must obtain consent
>turn on a DNT signal
>On Wednesday 13 June 2012 07:58:02 Shane Wiley wrote:
>> The Server doesn't need to know - I believe that's the point you're
>> missing.  The user installed a non-compliant UA and the Server will
>> respond as such.  The user then has multiple options to exercise their
>> choice but continued use of that specific UA to communicate DNT is NOT
>> one of them.
>the user can't communicate back to the server that she has now looked into
>the preferences, made a real choice, but wants to continue to use IE10.
>is the big bug in the suggestion for the discrimination of a user agent
>currently suggested by you, Ian and Roy. IE10 is not uncompliant in every
>situation. And the current suggestion can't change back to "I accept" as
>user has no means to communicate back "I really really mean it". You just
>will reject all DNT traffic from IE10. This means you discriminate against
>valid traffic without any possibility to rectify.
>And this is really something where I start to have some doubts.
>Browser sniffing is evil. Again: Browser sniffing is evil. Why don't we
>start saying, we do not like traffic from AVG. We believe it is not
>compliant etc.. Where does that discrimination end? And again, the user
>can't revert that as it is hard coded into your servers.
>There must be another way. Lets brainstorm about it. But browser sniffing
>evil! The solution to ignore a signal based on some (possibly spoofed)
>vendor string in the HTTP chatter is definitely going the wrong way.
Received on Wednesday, 13 June 2012 22:07:48 UTC

This archive was generated by hypermail 2.3.1 : Friday, 3 November 2017 21:44:51 UTC