W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > September to December 1996

Re: Hit-metering: to Proposed Standard?

From: <hallam@vesuvius.ai.mit.edu>
Date: Wed, 20 Nov 96 12:49:16 -0500
Message-Id: <9611201749.AA01590@vesuvius.ai.mit.edu>
To: Ari Luotonen <luotonen@netscape.com>, http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Cc: hallam@vesuvius.ai.mit.edu
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/1922

>Before there's any confusion on this matter: the hit reporting in
>Mogul, Leach draft discloses ONLY the number of hits, NOTHING else.
>That's the least bit of information you need to have in order to find
>out how much of your services were used.  No individual users' private
>information was disclosed.

This is precisely what worries me about the draft. I don't believe it
gives anything like sufficient information to the advertisers. Having
spoken at length to this community at the workshop we organised on the
topic at MIT I'm afraid that the draft simply does not meet the needs
of either side.

Rather than attempt to make this decision on our own how about we
arrange a meeting with the actual advertisers. They are not engineers
and do not contribute to IETF mailing lists. But if we are to produce
a system that meets their needs while satisfying our privacy concerns
we need to have a much better overview of the requirements.

The IETF was able to successfully operate in mailing list only mode
in the days when the IETF engineers were the principal users of their
products (telne, ftp et al). I don't consider listening to customer 
reports filtered through the marketing department is going to be
particularly useful either.

Another cause for concern is the breakdown of the password 
authentication and cookie model of doing user authentication. I don't
know if other people have noticed but the trend amongst the sites seems
to be towards using password authentication which may indicate that
the content providers are switching, posibly because there are now
"cookie aware" caches.

Since the content provider has available in the protocol a means of
forcing every hit to arrive and thus be counted I think that providing 
any less information that they would gain thereby is likely to be an
exercise in futility. At the end of the day I doubt that many people 
on this list would forego doubling their income to save internet 

Received on Wednesday, 20 November 1996 09:50:45 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:16:21 UTC