I think it ought be a MUST on a response header, but if consensus emerges around SHOULD, we definitely need to include advice about consequences of not sending it.
On Feb 8, 2012, at 8:49 AM, David Singer wrote:
>
> On Feb 8, 2012, at 6:16 , Rigo Wenning wrote:
>
>> On Tuesday 07 February 2012 18:13:11 Roy T. Fielding wrote:
>>> In the entire history of HTTP, the only other protocols that defined a
>>> response header to indicated compliance were MIME-version (ignored),
>>> DAV (ignored), PICS (failed), and P3P (ignored). I don't understand why
>>> this WG needs to make the same mistake.
>>
>> Roy,
>>
>> no response header, no consent recording(legally). It's as simple as that. And
>> P3P did not have a response header as the protocol was just 180 degree
>> opposite of the DNT protocol.
>> Given that there will be no consent-recording, a SHOULD may be enough. But the
>> Specification MUST give clear information about why the response header is
>> needed to avoid the misunderstanding above.
>
>
> I agree. If we go with 'should', we owe to site operators the advice of the negative consequences of not sending it.
>
> David Singer
> Multimedia and Software Standards, Apple Inc.
>
----------
John M. Simpson
Consumer Advocate
Consumer Watchdog
1750 Ocean Park Blvd. ,Suite 200
Santa Monica, CA,90405
Tel: 310-392-7041
Cell: 310-292-1902
www.ConsumerWatchdog.org
john@consumerwatchdog.org