W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2011

Re: Privacy and HTTP intermediaries

From: Ben Niven-Jenkins <ben@niven-jenkins.co.uk>
Date: Tue, 3 May 2011 23:44:17 +0100
Cc: Mark Nottingham <mnot@mnot.net>, httpbis mailing list <ietf-http-wg@w3.org>
Message-Id: <C5E48EDE-D3E4-428B-B19C-CF3B56C560E2@niven-jenkins.co.uk>
To: "Thomson, Martin" <Martin.Thomson@commscope.com>

On 3 May 2011, at 03:16, Thomson, Martin wrote:

> On 2011-05-03 at 11:47:45, Mark Nottingham wrote:
>> On 03/05/2011, at 11:10 AM, Thomson, Martin wrote:
>>> Does the value of the Cache-Control header have any bearing on whether 
>>> something is logged?
>> Nope.
>> I suppose you could read Cache-Control: no-store has having those 
>> semantics, but it doesn't in any implementation I'm aware of. Perhaps 
>> we need to clarify that.
> With my privacy nut hat on, it would be nice if that could be added.

If what could be added? A clarification that no-store suddenly has an associated semantic that no implementation associates with it currently?

>  It's certainly consistent with the definition of no-store.
> I'm not expecting the guidance to have any teeth, nor for it to have any impact on implementations, but there's a definite advantage to having text to that effect.

If you do not expect "the guidance to have any teeth, nor for it to have any impact on implementations", what exactly are you hoping to achieve?

> There is the question about non-caching intermediaries that might otherwise perform logging.  They aren't always going to look at Cache-Control unless they need to (for no-transform), so a caveat along the lines of "this is NOT a reliable or sufficient mechanism" might need to be added for this.
> That leaves me with (for p6, S3.2.1 & S3.2.2):
>  An intermediary that performs logging (whether or not it implements a cache) MUST NOT perform logging for requests or responses with a no-store directive.

Apart from the fact that I'm not aware of an implementation that associates such a semantic with no-store, given the reasons that logging is often enabled (e.g. debugging, reporting, billing, etc.) I simply don't see that it is likely that implementations will adhere to the stated requirement to not log requests/responses containing no-store and therefore having a specification mandate something that few if any implementations will adhere to seems entirely pointless to me. It has nothing to do with inter-operation and at best will give some subset of folks the impression that using no-store will provide some additional level of privacy that in practice will be non-existent.

Received on Tuesday, 3 May 2011 22:44:44 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:13:51 UTC