Re: ISSUE-89: Does DNT mean at a high level: (a) no customization, users are seen for the first time, every time. (b) DNT is about data moving between sites.

On Oct 7, 2011, at 5:36 PM, Bjoern Hoehrmann wrote:

> * Roy T. Fielding wrote:
>> A user already has an option for anonymous browsing by enabling one of the
>> various private browsing modes.
> 
> The "private browsing" modes are supposed to let you browse without
> affecting your "normal" browsing profile; for instance, the sites you
> visit would not show up in the list of recently visited sites in your
> normal profile; but the browsing mode does not affect your user agent
> string or IP address or any number of other identifying features. The
> mode cannot and is not meant to provide anything resembling any form
> of anonymity to the outside world, beyond that your regular cookies
> are not submitted, broadly speaking. Browsing would be more "private"
> if instead you used a different browser where you clear private data
> when you start browsing, and you would have to use TOR or some other
> proxying solution in addition to approach any form of anonymity.

Yes, which is exactly the same effect as telling first party sites
that they should collect as little data about the user as possible
and not store anything after the session.  My point is that there is
no need for such requirements (whether they are stated as a SHOULD
or a MUST) on the DNT expression.  They are orthogonal concerns that
can both be configured if the user so desires.

....Roy

Received on Saturday, 8 October 2011 05:09:15 UTC