I makes no sense for an intermediary to override DNT:0 because that would be an indication for the most part that a UGE has been properly registered by the UA. On the other hand it makes no sense for an intermediary NOT be able to override DNT unset because a person should be able to buy a router for their home that can demand no tracking of any device there.

The UA should be able to respond to a UGE, communicate that clearly to the user etc. UAs SHOULD implement the JS UGE, intermediaries SHOULD NOT change an existing DNT setting but they MAY set DNT if it was originally unset if the user has requested that by, for example, configuring their router.

Mike

From: Walter van Holst [mailto:walter.van.holst@xs4all.nl]
Sent: 05 December 2013 20:55
To: public-tracking@w3.org
Subject: Re: any additional Proposals on UA requirement to handle exceptions

On 05/12/2013 21:48, Jack L. Hobaugh Jr wrote:

Nick,

To maintain the balance or symmetry as proposed by Shane below, I would also add:

To the extent that HTTP intermediaries are permitted by the TPE to inject a “DNT:1” signal (see TPE 4.2), the “HTTP intermediary” MUST also support User Granted Exceptions (“UGE”) to be compliant with the standard.

What about "Intermediaries SHALL not inject a DNT:1 signal when a DNT:0 signal is present"?

That should achieve the same. The problem with your suggestion is that with the current way UGE is proposed intermediaries cannot support UGE at all. It is not machine readable at a semantic level. So an intermediary cannot reliably notice a UGE request and simply has to pass in on to the UA. If the intermediary subsequently obediently leaves alone subsequent DNT:0 signals from the UA, all is well.

Not that you could possibly detect it if it weren't the case...

Regards,

Walter