Re: action-231, issue-153 requirements on other software that sets DNT headers

Tamir, the compliance spec requres express and informed consent for user-granted exceptions at 6.3.

Roy, thank you for clarifying that you don't think thr MSFT flow would be sufficient for explicit and informed consent for getting a user-granted exception.  That wasn't clear to me before so forgive me for misstating your position.  Unfortunately, I'm not sure all actors (or courts) would agree with that, and I still feel uncomfortable privatizing that determination to a range of conflicted third parties.  Still, I guess third parties that reject IE's DNT signals out of hand would have to have at least as strong or better opt-in for their own UGEs.  Not sure that alleviates the core transparency issue though.

Sent via mobile, please excuse curtness and typos

-----Original message-----
From: "Roy T. Fielding" <>
To: Tamir Israel <>
Cc: Justin Brookman <>,
Sent: Fri, Aug 24, 2012 00:19:09 GMT+00:00
Subject: Re: action-231, issue-153 requirements on other software that sets   DNT  headers

On Aug 23, 2012, at 4:58 PM, Tamir Israel wrote:

> Hi Roy,
> On 8/23/2012 7:46 PM, Roy T. Fielding wrote:
>> To obtain explicit and informed prior consent, we have to do something
>> out of band that obtains explicit and informed consent.  I don't
>> know exactly what that is, but I am sure it doesn't include giving
>> a pre-selected option in a dialog during initial installation/use
>> of an operating system default UA.
> Is this obligation (that out of band consent mechanisms must reflect explicit and informed user consent) in the TPE?

No, they are out of band mechanisms for the *purpose* of obtaining
explicit and informed prior consent.  If the mechanisms don't work,
that's not our problem to solve [no implied permissions are given
just for trying].


Received on Friday, 24 August 2012 00:35:47 UTC