Re: Sitecom adds Do Not Track to its routers

With respect to this or any other hardware device attempting to mitm
traffic, there seems to be no provision for how to handle exceptions. Much
less to ensure the header and dom property are consistent. That seems quite
problematic to me.
On Nov 30, 2012 7:19 PM, "Craig Spiezle" <craigs@otalliance.org> wrote:

> This is within the context that I was seeking clarification, it could be a
> router or other device, a sw solution or a standardized desktop
> configuration set by an admin / employer.
>
> The challenge and concern is we are seeing more interest in the
> enterprises for such solutions not only for the privacy of their employees
> but for the data that might be collected and aggregated/profiled on their
> company.
>
> Ii fail to understand the idea of not honoring such signals coming from a
> business who explicitly chooses to enable DNT for all employees.
>
> What am I missing?
>
> Sent from my phone
>
> On Nov 30, 2012, at 8:30 PM, "SULLIVAN, BRYAN L" <bs3131@att.com> wrote:
>
>  Apologies if this is implicitly/explicitly out of scope of the
> compliance context, but just confirming: you are talking about a router
> installed in a public network context, right? In an enterprise or home
> (private network) context, the configuration of this function via a router
> would be a decision of the administrator of that private network. That may
> involve any manner of explicit or implicit notice to users (or none at
> all…) that this is the policy in that context, which is within the right of
> the network owner.****
>
> ** **
>
> Thanks,****
>
> Bryan Sullivan ** **
>
> ** **
>
> *From:* Shane Wiley [mailto:wileys@yahoo-inc.com <wileys@yahoo-inc.com>]
> *Sent:* Friday, November 30, 2012 3:06 PM
> *To:* Craig Spiezle; Brendan Riordan-Butterworth
> *Cc:* JC Cannon; W3C DNT Working Group Mailing List
> *Subject:* RE: Sitecom adds Do Not Track to its routers****
>
> ** **
>
> Craig,****
>
> ** **
>
> This is one systems administrator activating DNT for all users who receive
> traffic through that router – which could be a considerable number of
> individual, independent users who are not making this choice for
> themselves.  As such, this would be a violation of the draft standard as
> currently worded.****
>
> ** **
>
> - Shane****
>
> ** **
>
> *From:* Craig Spiezle [mailto:craigs@otalliance.org<craigs@otalliance.org>]
>
> *Sent:* Friday, November 30, 2012 3:57 PM
> *To:* Brendan Riordan-Butterworth
> *Cc:* JC Cannon; W3C DNT Working Group Mailing List
> *Subject:* Re: Sitecom adds Do Not Track to its routers****
>
> ** **
>
> As JC and i also confirmed this is an opt in device are you suggesting it
> would be non-compliant?  ****
>
> ** **
>
> As more sw and hw solutions come to market specially designed to block
> ads, enhance privacy or third party calls I believe the intent of the user
> will be met through the user's purchase. That said I would hope there is a
> user string detectable so the site can detect such usage and determine what
> content / services are made available ****
>
> ** **
>
>
> Sent from my phone****
>
>
> On Nov 30, 2012, at 5:13 PM, Brendan Riordan-Butterworth <Brendan@iab.net>
> wrote:****
>
>
> http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html#dnt-header-field
> ****
>
>  ****
>
> “An HTTP intermediary must not add, delete, or modify the DNT header field
> in requests forwarded through that intermediary unless that intermediary
> has been specifically installed or configured to do so by the user making
> the requests. For example, an Internet Service Provider must not inject
> DNT: 1 on behalf of all of their users who have not expressed a preference.”
> ****
>
>  ****
>
> If the router has a single point to configure the DNT header field for all
> outbound traffic, and the LAN it is in front of has more than one user
> making HTTP requests, then the Sitecom functionality is not compliant with
> the requirements on intermediaries as defined in section 4.2 of the TPE
> document.  ****
>
>  ****
>
> /brendan.****
>
>  ****
>
> *From:* JC Cannon [mailto:jccannon@microsoft.com <jccannon@microsoft.com>]
>
> *Sent:* Thursday, November 29, 2012 1:14 PM
> *To:* W3C DNT Working Group Mailing List
> *Subject:* Sitecom adds Do Not Track to its routers****
>
>  ****
>
> “The Do Not Track functionality is disabled by default, and requires the
> user to visit the router's configuration page to enable it. Sitecom has
> confirmed that, in addition to launching the software on third-generation
> X-Series routers, it will bring the Do Not Track option to existing devices
> with Sitecom Cloud Security through a free firmware update.”****
>
>  ****
>
> http://www.bit-tech.net/news/hardware/2012/11/29/sitecom-do-not-track/1***
> *
>
>  ****
>
> JC****
>
>

Received on Saturday, 1 December 2012 03:25:38 UTC