W3C home > Mailing lists > Public > public-tracking@w3.org > October 2011

Response Headers [ISSUE-47,ISSUE-48,ISSUE-51,ISSUE-76,ISSUE-79,ISSUE-80,ISSUE-81,ISSUE-87]

From: Matthias Schunter <mts@zurich.ibm.com>
Date: Tue, 04 Oct 2011 10:11:35 +0200
Message-ID: <4E8ABFB7.7080800@zurich.ibm.com>
To: Matthias Schunter <mts@zurich.ibm.com>, "Aleecia M. McDonald" <aleecia@aleecia.com>, Thomas Roessler <tlr@w3.org>, Nick Doty <npdoty@w3.org>, public-tracking@w3.org
Dear DNT Team,

We would like to start discussions in writing to resolve selected issues.

The task at hand is to
 - Define the elements that should go into the response header

Related issues are
ISSUE-47	Should the response from the server point to a URI of a
policy (or an existing protocol) rather than a single bit in the protocol?
ISSUE-48	Response from the server could both acknowledge receipt of a
value and (separately) whether the server will honor it
ISSUE-51	Should 1st party have any response to DNT signal
ISSUE-76	Should a server echo the DNT header to confirm receipt?
ISSUE-79	Should a server respond if a user sent DNT:0?
ISSUE-80	Instead of responding with a Link: header URI, does it make
sense to use a well-known location for this policy?
ISSUE-81	Do we need a response at all from server?
ISSUE-87	Should there be an option for the server to respond with "I
don't know what my policy is"

The goal of this excercise is to provide input that allows the editor
to propose a protocol message specification for our Recommendation.

Feel free to provide additional inputs. The editor of the definitions
chapter will then propose a strawman that will then be published for



---  The FTC staff report

--- FTC guidelines for behavioral targeting

--- IAB Self-Regulatory Principles for Online Behavioral Advertising

--- Do Not Track Cookbook

--- IETF proposal for Do Not Track

8.4.  Response Header RECOMMENDED

   In responding to a request that includes a Do Not Track header, a
   third-party server that complies with Do Not Track SHOULD echo the
   request header.  For example:

   GET /thirdpartycontent.html HTTP/1.1
   Host: thirdparty.example.com

   DNT: 1

   HTTP/1.1 200 OK
   Date: Mon, 7 March 2011 01:23:45 GMT
   Server: Apache/2.2.17 (Unix)
   Content-Length: 123
   Connection: close
   Content-Type: text/html; charset=UTF-8
   DNT: 1

   This feature is intended to aid in the decentralized collection of
   statistics about the Do Not Track mechanism, including adoption rates
   and intermediary operations.  It is also intended to clearly identify
   whether a request was processed in compliance with Do Not Track.

--- Electronic Frontier Foundation (EFF) discussion of Do Not Track

--- The Center for Democracy and Technology (CDT) DNT proposal

--- Mozilla Do Not Track Field Guide

--- Microsoft Web Tracking Protection, member submission to W3C

-- Dr. Matthias Schunter, MBA IBM Zurich Research Laboratory, Ph. +41
(44) 724-8329 Homepage: www.schunter.org, Email: schunter(at)acm.org
PGP Fingerprint 989AA3ED 21A19EF2 B0058374 BE0EE10D
Received on Tuesday, 4 October 2011 09:45:10 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:38:25 UTC