Re: meaning of DNT 1 and DNT 0 when sent by user agents [ISSUE-78]

Responses below.


On Jan 16, 2012, at 4:46 PM, Roy T. Fielding wrote:

> On Jan 16, 2012, at 4:10 PM, Jonathan Mayer wrote:
>> In responding, I'm going to try to give some shape to the issues in this thread (both explicit and implied).  I believe what I'm saying here is, for the most part, non-controversial.
>> 1. Should there be non-protocol content in the TPE document?
>> No.  The TPE document specifies a protocol.  The TCS document specifies a policy.  That clear boundary has existed since at least the Princeton workshop, and it has served us well in advancing the protocol despite deep policy differences.  I see no reason to blur the protocol-policy divide now.  Especially not the unsupported concern that developers will have trouble with two documents instead of one.
> I am not interested in the fantasy of continued "progress" in which
> every participant has a different notion of what we have agreed
> to implement, let alone standardize.

I'm not quite sure what you mean.

> Defining the meaning of a header field is part of the protocol,
> not the policy.

I fear there may be a mismatch in terminology, so let me try to be clearer.  By "protocol," I mean the format for message-passing between a user agent and a server.  By "policy," I mean the limits a particular message imposes on a website's business conduct.

Many standards either lack a policy component or include a fairly negligible policy component.  For TPWG, policy is unusually salient.

> Definition of terms are essential to meaning.
> Without them, the HTTP communication is just babble.

Agreed.  That's why the TCS text is quite important.

> Since implementations are already being based on the TPE spec alone,

Some websites change their business practices when they receive the "DNT: 1" header.  (See  I would strongly object to the claim that these implementations are "based on the TPE spec alone."  Implementers have looked to a wide variety of sources, including this group's drafts, the IETF Internet-Draft, Mozilla's materials, DoNotTrack.Us, and much more.  This isn't a bald assertion on my part - I've been privileged to work with a number of implementers.

> I will include in the TPE spec whatever definitions are necessary
> to understand the WG's intended communication.

I'm no expert in W3C process, but as I understand it (see the role of an editor is to capture the group's consensus view.  If my reading is correct, then with all due respect - and I do sincerely mean that, I greatly appreciate your efforts in this working group and your extraordinary contributions to the web - you "will include include in the TPE spec whatever" this group tells you to include.

> The fact that those
> definitions are supposed to be owned by the Compliance spec is
> irrelevant until last call.

I'm not sure what you mean by "supposed to be owned" and "irrelevant."  If you're claiming that you can arbitrarily pull pieces of the TCS document into the TPE document, I think many in the group would object for myriad reasons.

> In any case, there is no definition of tracking in the Compliance
> spec right now.

If you could make this explicit in the text, I think it would resolve some ambiguity.

> If folks want to further argue this issue,
> I suggest you make some progress on ISSUE-5 and ISSUE-7 first.
> ....Roy

Received on Tuesday, 17 January 2012 01:44:53 UTC