Re: Agenda for January 15 from David Singer on 2014-01-16 (public-tracking@w3.org from January 2014)

From: David Singer <singer@apple.com>
Date: Wed, 15 Jan 2014 17:37:17 -0800
To: Walter van Holst <walter.van.holst@xs4all.nl>
Cc: Tracking Protection Working Group <public-tracking@w3.org>
Message-id: <3816E935-F20B-4E0B-971B-BE9F592FED17@apple.com>

On Jan 15, 2014, at 10:25 , Walter van Holst <walter.van.holst@xs4all.nl> wrote:

> On 15/01/2014 18:44, David Singer wrote:
>> I am sorry Walter, I simply don’t understand.
>> 
>> I am saying, if you write a browser or other UA, that accepts plugins
>> or other add-ons, whose DNT header can be affected by those plug-ins
>> or add-ons, you need to engineer the way that they work so that the
>> rules are followed.  There are many ways to do this.
> 
> Dear David,
> 
> The problem I have with this is precisely that. The TPE would introduce
> limitations to the extent a UA behaviour can be changed by add-ons. That
> works perfectly fine for Safari and Internet Explorer whose licenses
> allow a greater deal of control over their add-ons. It does not work for
> UAs that have licenses that explicitly rule out any limitations in terms
> of 'intended use'. Basically you end up imposing an obligation on UAs
> not to be licensed under a license that explicitly makes the intended
> use of the UA unlimited. Which throws out any open source UA.

Really?  If the UA can be engineered to meet the requirements without a user-loaded plug-in, why does that ability disappear when the user loads a plug-in?  I agree, open source means that if the user loads the source code and modifies it, all bets are off, but that’s not relevant.  In that case, the user has made his own (possibly non-conforming) UA.

> 
> Mozilla having a voluntary blocklist does not take away anything from
> that notion. I think that blocklist already may be a contradiction with
> their own MPL license. I have to look at that more closely. Regardless
> of that, other open source projects may feel differently, even if they
> are just a fork of Firefox. In case of any GPL UA this frankly cannot be
> reconciled with the GPL.
> 
> To make myself perfectly clear: this is not an software engineering
> argument, this is a legal argument. Feel free to consult your friendly
> native open source licensing expert.
> 
> All of this time and energy can be spent on more useful things once you
> adhere to the notion that ultimately you cannot know that the signal you
> receive actually originates from the UA it claims to originate from and
> that you either trust it blindly or not. Trusting it blindly makes
> perfect sense in a spec that assumes the UA likewise with any signals it
> receives from the server.
> 
> Regards,
> 
> Walter
> 

David Singer
Multimedia and Software Standards, Apple Inc.

Received on Thursday, 16 January 2014 01:38:14 UTC