- From: Nicholas Doty <npdoty@w3.org>
- Date: Mon, 13 Feb 2012 13:09:54 -0800
- To: "Roy T. Fielding" <fielding@gbiv.com>
- Cc: Ninja Marnau <nmarnau@datenschutzzentrum.de>, "<public-tracking@w3.org> (public-tracking@w3.org)" <public-tracking@w3.org>
Hi Roy, On Feb 13, 2012, at 12:49 PM, Roy T. Fielding wrote: > Please be aware that this would require Apache httpd to respond > that it is always tracking, by default, regardless of how the > underlying services are implemented. Likewise for Squid, TrafficServer, > haproxy, and all other HTTP servers that I am aware of. > > If we can't find a definition that allows HTTP access logs and normal > retention for fraud control, then let's give up. I will not implement > DNT if it can be used as a bypass for fraud and security controls. As I believe Ninja noted, this is *not* intended as a set of requirements for compliance with a DNT header, just a meaningful and entirely optional description that a site can use if it absolutely isn't tracking. If there is an alternate definition that could accommodate common httpd configurations and still communicate to the user that to a more complete level no tracking is occurring, it would be great to see that option. Thanks, Nick
Received on Monday, 13 February 2012 21:10:11 UTC