Re: ISSUE-95: May an institution or network provider set a tracking preference for a user?

If you look at draft-ietf-httpbis-p2-semantics-17 (the almost-done revision of HTTP), one of the considerations that's explicitly called out for new header specifications is:

>    o  Under what conditions intermediaries are allowed to modify the

>       header field's value, insert or delete it.

That question is answered by the current "MUST NOT" text.

Meanwhile, I believe that we're in violent agreement on the actual substance here, and would respectfully suggest that we move on.

Thomas Roessler, W3C  <>  (@roessler)

On 2011-12-23, at 04:03 +0100, Bjoern Hoehrmann wrote:

> * Thomas Roessler wrote:
>> 1. On the technical level, HTTP is specified (among other things) in
>> terms of user agent behavior, server behavior, and intermediary
>> behavior.  It, for example, says how intermediaries handle hop-to-hop
>> header, how caching behavior is controlled by the protocol, and all
>> that.  Intermediaries are participants in that protocol, and they
>> actually are developed according to specifications.  Therefore, on the
>> technical level, we need the "intermediaries MUST NOT mess with this
>> header" note.  That's part of the technical protocol specification.
> I am saying that HTTP does not allow intermediaries to rewrite, add, or
> remove the "dnt" header without the user agreeing to that in some way.
> If you can demonstrate that HTTP allows this, please go ahead and do so.
> -- 
> Björn Höhrmann · ·
> Am Badedeich 7 · Telefon: +49(0)160/4415681 ·
> 25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · 

Received on Friday, 23 December 2011 09:14:35 UTC