- From: Roy T. Fielding <fielding@gbiv.com>
- Date: Mon, 10 Oct 2011 16:45:57 -0700
- To: Tom Lowenthal <tom@mozilla.com>
- Cc: "public-tracking@w3.org" <public-tracking@w3.org>
Note that this would require all responses from that server
to disable shared caching ("Vary: DNT"). I think that is a non-starter.
If any DNT response is given, it should be restricted to responses
that are already intended to be non-cacheable (e.g., custom content
and advertising placements).
....Roy
On Oct 10, 2011, at 4:25 PM, Tom Lowenthal wrote:
> Proposal to the W3C Tracking Protection Working Group
> Authored by Thomas Lowenthal, Mozilla
> Associated with [Action
> 13](http://www.w3.org/2011/tracking-protection/track/actions/13)
>
>
> When a server receives a request in which the DNT header is present, any
> response **must** include a header of the form:
>
>> DNT:AB
>
> where:
> - "A" is the the value of the header that the server received, and
> - "B" is a statement by the server about how it will act, where:
> -"0" represents "will act as if the DNT signal is not present", and
> -"1" represents "will act as if the DNT signal is present".
>
> Examples:
> - A client sends a request with "DNT:1". The server knows that this user
> has previously agreed to be tracked in exchange for a delicious scone.
> The server responds with "DNT10", thereby stating that the user has
> requested not to be tracked, but the server will still track this user.
> - A client sends a request with "DNT:1". The server responds with
> "DNT:11", thereby stating that they have received, and will honor the
> user's request not to be tracked.
> - A client sends a request with "DNT:0". The server protects the privacy
> of all users equally, and responds with "DNT:01", thereby stating that
> the server will not track the user.
>
Received on Monday, 10 October 2011 23:46:20 UTC