W3C home > Mailing lists > Public > public-tracking@w3.org > February 2012

Re: Agenda for 2012-02-01 call (V02: added more incoming issues with text)

From: Roy T. Fielding <fielding@gbiv.com>
Date: Wed, 8 Feb 2012 10:45:17 -0800
Cc: Tracking Protection Working Group WG <public-tracking@w3.org>
Message-Id: <58AA101C-9CB8-4A51-832B-39D256BBEE99@gbiv.com>
To: David Singer <singer@apple.com>
On Feb 8, 2012, at 8:46 AM, David Singer wrote:
> On Feb 7, 2012, at 18:13 , Roy T. Fielding wrote:
>> On Feb 7, 2012, at 9:50 AM, David Singer wrote:
>>> The absence of a response header does have the huge downside that there is no 'automated discovery' of compliance in the transaction, and UAs that rely on that will assume the worst.  If we go with SHOULD, this needs clearly stating.
>> There is no automated discovery of compliance in headers, regardless.
>> Compliance to requirements that apply over time and across multiple
>> requests can only be detected by observing behavior over time and
>> multiple requests.  Just because a header says that the server complies
>> does not mean the server complies.  UAs that actually depend on compliance
>> should be checking against a curated list, just like fraud avoidance.
>> IMO, the response header is a complete waste of time and bytes.  It is
>> a very expensive delusion.
>> In the entire history of HTTP, the only other protocols that defined a
>> response header to indicated compliance were MIME-version (ignored),
>> DAV (ignored), PICS (failed), and P3P (ignored).  I don't understand why
>> this WG needs to make the same mistake.
> OK, but Roy, the statement of mere compliance is only one of the reasons for the response header, as I am sure you recall.  Two others are:
> * did my request (outbound header) get through, or was it stripped or mangled by an intermediate?
> * do I  and my user-agent agree about the status and position of the party I am communicating with (1st/3rd, assertion of opt-in, claimed exceptions)?
> This are both dynamic questions that cannot be answered by a static policy.  

The well-known address response can be just as dynamic as any header and
far more likely to make it through round-trip.

Received on Wednesday, 8 February 2012 18:48:35 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:38:33 UTC