- From: Peter Cranstone <peter.cranstone@gmail.com>
- Date: Wed, 13 Jun 2012 08:18:03 -0600
- To: Nicholas Doty <npdoty@w3.org>, "Dobbs, Brooks" <brooks.dobbs@kbmg.com>
- CC: Justin Brookman <jbrookman@cdt.org>, <public-tracking@w3.org>
- Message-ID: <CBFDFC29.310C%peter.cranstone@gmail.com>
Nick, Question: How do you know if this is 'truly the preference of the user'? For example 1. I install Windows 8 and MSIE sends the DNT:1 header by default. 2. I install Firefox 12 or 13 and then turn on DNT:1 What's the difference that you can determine with server code? Second question: How do you know it's been set by a vendor or intermediary? * Proxy server adds DNT:1 to all outgoing HTTP requests. * Server sees DNT:1 on the incoming request there's been NO other change to the UA Peter ___________________________________ Peter J. Cranstone 720.663.1752 From: Nicholas Doty <npdoty@w3.org> Date: Wednesday, June 13, 2012 12:26 AM To: "Dobbs, Brooks" <brooks.dobbs@kbmg.com> Cc: Justin Brookman <jbrookman@cdt.org>, W3 Tracking <public-tracking@w3.org> Subject: Re: Today's call: summary on user agent compliance Resent-From: W3 Tracking <public-tracking@w3.org> Resent-Date: Wed, 13 Jun 2012 06:27:03 +0000 > On Jun 8, 2012, at 4:27 PM, Dobbs, Brooks wrote: > >> Re: Today's call: summary on user agent compliance >> I think the problem is that compliance is based on both sides ability to >> honor user preference. If one side forges user preference, and the other >> side can correctly only be compliant by acting on actual user preference, >> there is an untenable situation. Where a UA sends a well formed header >> absent having obtained a preference from the user, the recipient server will >> always be forced into non-compliance, no matter which action it takes. >> >> Two cases come to mind: >> 1. If a UA sends a DNT:1 by default, AND this is truly the preference of the >> user, if the server fails to respond accordingly to DNT:1 then arguably >> compliance has not been achieved. >> 2. If, conversely, a server honors a well formed DNT:1 set by a vendor or >> intermediary, absent such being the actual preference of the the user, again >> preference has not been honored and compliance not maintained. > For the second case: I'm not aware of anything in draft specifications that > would make a server non-compliant if it treated a user that hadn't expressed a > DNT:1 preference as if it had. For example, we don't have any requirements > that a user who arrives with DNT:0 must be tracked. You might confuse a user > if you provide a very different experience under DNT:1 and it was inserted by > an intermediary unbeknownst to the user, but I don't see any issues with > compliance with this group's specifications. > > Thanks, > Nick
Received on Wednesday, 13 June 2012 14:18:45 UTC