- From: Rigo Wenning <rigo@w3.org>
- Date: Fri, 08 Jun 2012 21:44:50 +0200
- To: public-tracking@w3.org
- Cc: "Dobbs, Brooks" <brooks.dobbs@kbmg.com>, Justin Brookman <jbrookman@cdt.org>
Brooks, I agree. A server can't know whether a UA has obtained a user's willful interaction to set some DNT status. Even for the browser who announced a default you can't know. Because weirdos like me may have altered the settings. And in this case even this browser defaulting to DNT:1 is compliant. The server sees a DNT:1 on the wire. It can decide to follow that and send an ACK. It can decide to not respond and it can decide to send NACK. But having browser sniffing determine whether a request is compliant is adventurous at best. So a service having too many DNT:1 requests will be inventive and do advertisement without tracking. Or it will block those users with DNT:1 by sending exception requests. I personally do NOT believe that a server can determine compliance of a header that is well formed and comes down the pipe. We can only exclude those user agents that can't even handle exceptions and are purely injecting DNT:1 strings into every TCP/IP traffic. And we can call them out. A server, if a suspicion exists, can probe with an exception call. Rigo On Friday 08 June 2012 15:27:06 Dobbs, Brooks wrote: > I think the problem is that compliance is based on both sides > ability to honor user preference. If one side forges user > preference, and the other side can correctly only be compliant by > acting on actual user preference, there is an untenable > situation. Where a UA sends a well formed header absent having > obtained a preference from the user, the recipient server will > always be forced into non-compliance, no matter which action it > takes. > > Two cases come to mind: > 1. If a UA sends a DNT:1 by default, AND this is truly the > preference of the user, if the server fails to respond > accordingly to DNT:1 then arguably compliance has not been > achieved. > 2. If, conversely, a server honors a well formed DNT:1 set by a > vendor or intermediary, absent such being the actual preference > of the the user, again preference has not been honored and > compliance not maintained. > > There is a no-win compliance situation for the server no matter > which way it goes. Starting from the position that each user > preference is not equally as valid is damaging. >
Received on Friday, 8 June 2012 19:45:16 UTC