RE: Multiple DNT Headers (ACTION-283, ISSUE-150) from Shane Wiley on 2012-10-10 (public-tracking@w3.org from October 2012)

From: Shane Wiley <wileys@yahoo-inc.com>
Date: Wed, 10 Oct 2012 15:41:00 -0700
To: John Simpson <john@consumerwatchdog.org>
CC: Jonathan Mayer <jmayer@stanford.edu>, "public-tracking@w3.org" <public-tracking@w3.org>
Message-ID: <63294A1959410048A33AEE161379C802747DFD8C2D@SP2-EX07VS02.ds.corp.yahoo.com>

John,

I respectfully disagree.  Servers should not be placed at an automatic disadvantage if they receive conflicting signals.  Unless there is a singular, consumer driven signal, then no signal should be considered to have been received.  Its disingenuous (in my opinion) for consumer advocates to on one hand agree that users should have to expressly activate DNT and then on the other hand suggest that non-compliant or conflicting signals must be honored.  You're either on one side or the other - straddling the fence in this manner is not helpful.

- Shane

From: John Simpson [mailto:john@consumerwatchdog.org]
Sent: Wednesday, October 10, 2012 3:22 PM
To: Shane Wiley
Cc: Jonathan Mayer; public-tracking@w3.org
Subject: Re: Multiple DNT Headers (ACTION-283, ISSUE-150)

Shane,

What would be the reason for acting as if no DNT header had been received if they conflict?  I'd think if there were a conflict, the consumer/privacy friendly approach would be to assume the user meant to send DNT:1 and somehow misconfigured the UA.  In other words, proceed with caution until you clearly determine what the user intended.  That's why the best practice would be to inform the  user of a possible problem.

Best,
John

----------
John M. Simpson
Consumer Advocate
Consumer Watchdog
2701 Ocean Park Blvd., Suite 112
Santa Monica, CA,90405
Tel: 310-392-7041
Cell: 310-292-1902
www.ConsumerWatchdog.org<http://www.ConsumerWatchdog.org>
john@consumerwatchdog.org<mailto:john@consumerwatchdog.org>

On Oct 10, 2012, at 2:59 PM, Shane Wiley wrote:

Alternate Text for Conflicting Headers:

If a server receives conflicting DNT headers, it MAY choose to treat the transaction as if no DNT header had been received.  The Server MAY choose to alert the user about possible user agent configuration issues causing multiple, conflicting DNT header signals to be received.

From: Jonathan Mayer [mailto:jmayer@stanford.edu]
Sent: Wednesday, October 10, 2012 2:46 PM
To: public-tracking@w3.org<mailto:public-tracking@w3.org>
Subject: Multiple DNT Headers (ACTION-283, ISSUE-150)

Proposed text on duplicate headers:

If a server receives duplicate DNT headers, it MUST act as if it had received a single DNT header.

Proposed text on conflicting headers:

If a server receives conflicting DNT headers, it MUST act as if it had received a single DNT: 1 header. It is a best practice for the server to alert the user about possible user agent misconfiguration.

Received on Wednesday, 10 October 2012 22:41:44 UTC