W3C home > Mailing lists > Public > public-tracking@w3.org > January 2012

Re: meaning of DNT 1 and DNT 0 when sent by user agents [ISSUE-78]

From: Roy T. Fielding <fielding@gbiv.com>
Date: Fri, 13 Jan 2012 17:10:38 -0800
Cc: "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org>
Message-Id: <E8720352-0344-48E1-BFB7-A51F6CE5A7A1@gbiv.com>
To: David Singer <singer@apple.com>
On Jan 13, 2012, at 2:41 PM, David Singer wrote:

> In reading a separate thread, I realized that there is a potential issue here over DNT:0.
> A little while back we discussed whether the UA should send a DNT header to the first party.  A number of us argued that it should, even if the first party is exempt: because the first party may care that its third parties are being asked not to track - it might ask for payment in consequence, for example.
> This argument relies on the assumption that DNT is a single 'big switch', either on or off, but the discussion around DNT:0 reveals that people think it may be OK for the UA to send DNT:1 to some sites, and DNT:0 to others.

Yes, that discussion is why I defined it as a big switch "on" with
configurable exceptions to off.

In that case, DNT: 0 is only received when the switch is on for
others, which is as much information that the user agent can send
to the first party without compromising its own configuration.
But that only works as notification to first-parties if UAs do not
implement a global switch with which the user can explicitly
turn DNT off for all sites.

Until Wednesday, nobody had suggested that browsers would implement
an off switch.  I'd like to know if WebKit will do that.

> So what, then, does the first party get?  DNT:1 if any third party is getting DNT:1, else DNT:0 if all are getting DNT:0?  An average of the DNT values :-) DNT:0.7 ??!

The first party would get DNT 0 if an explicit exception exists.
That does not tell the first party which, if any, of its
subrequest partners might receive DNT 1 instead.  It only alerts
them to the potential.

> Am I, as a UA, allowed to mix non-DNT requests into the mix?

Not as currently defined.

Received on Saturday, 14 January 2012 01:11:22 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:38:30 UTC