Re: Today's call: summary on user agent compliance

The point is that with IE your decision is masked by MSFT's default. If you
turn it off, I know that you've made a decision, but if you turn it back on
again I have no way of knowing if you're a user that made a decision or not.

With FF it is __NOT__ proposed to be "off" by default. It is proposed to be
unset by default. You turn it on I know you made an explicit decision. You
set it to off and I know you made an explicit decision.

-Ian

On Wed, Jun 13, 2012 at 7:27 AM, Peter Cranstone
<peter.cranstone@gmail.com>wrote:

> Nope.
>
> I install MSIE and it's on by default. So I turn it off. 2 days later I
> decide I want to turn it on again.
>
> I install FF and it's off by default. So I turn it on. 2 days later I
> decide I want to turn it off again.
>
> There's no functional difference between those two statements. The spec
> cannot determine "who" turned it on or off.
>
>
> Peter
> ___________________________________
> Peter J. Cranstone
> 720.663.1752
>
>
> From: "Ian Fette (イアンフェッティ)" <ifette@google.com>
> Reply-To: <ifette@google.com>
> Date: Wednesday, June 13, 2012 8:24 AM
> To: Peter Cranstone <peter.cranstone@gmail.com>
> Cc: Nicholas Doty <npdoty@w3.org>, "Dobbs, Brooks" <brooks.dobbs@kbmg.com>,
> Justin Brookman <jbrookman@cdt.org>, W3 Tracking <public-tracking@w3.org>
>
> Subject: Re: Today's call: summary on user agent compliance
>
> The difference is that with IE you can't tell, and with FF you can tell.
>
> As for being set by intermediary, we prohibited that in the spec as well,
> but there's not a great way to tell this. Presumably you might see
> something like "100% of users coming from this ASN are using DNT" if you
> cared to look, but it is a much harder question.
>
> -Ian
>
> On Wed, Jun 13, 2012 at 7:18 AM, Peter Cranstone <
> peter.cranstone@gmail.com> wrote:
>
>> Nick,
>>
>> Question: How do you know if this is 'truly the preference of the user'?
>>
>> For example
>>
>>    1. I install Windows 8 and MSIE sends the DNT:1 header by default.
>>    2. I install Firefox 12 or 13 and then turn on DNT:1
>>
>> What's the difference that you can determine with server code?
>>
>> Second question: How do you know it's been set by a vendor or
>> intermediary?
>>
>>    - Proxy server adds DNT:1 to all outgoing HTTP requests.
>>    - Server sees DNT:1 on the incoming request ­ there's been NO other
>>    change to the UA
>>
>>
>>
>> Peter
>> ___________________________________
>> Peter J. Cranstone
>> 720.663.1752
>>
>>
>> From: Nicholas Doty <npdoty@w3.org>
>> Date: Wednesday, June 13, 2012 12:26 AM
>> To: "Dobbs, Brooks" <brooks.dobbs@kbmg.com>
>> Cc: Justin Brookman <jbrookman@cdt.org>, W3 Tracking <
>> public-tracking@w3.org>
>>
>> Subject: Re: Today's call: summary on user agent compliance
>> Resent-From: W3 Tracking <public-tracking@w3.org>
>> Resent-Date: Wed, 13 Jun 2012 06:27:03 +0000
>>
>> On Jun 8, 2012, at 4:27 PM, Dobbs, Brooks wrote:
>>
>> I think the problem is that compliance is based on both sides ability to
>> honor user preference.  If one side forges user preference, and the other
>> side can correctly only be compliant by acting on actual user preference,
>> there is an untenable situation.  Where a UA sends a well formed header
>> absent having obtained a preference from the user, the recipient server
>> will always be forced into non-compliance, no matter which action it takes.
>>
>> Two cases come to mind:
>>
>>    1. If a UA sends a DNT:1 by default, AND this is truly the preference
>>    of the user, if the server fails to respond accordingly to DNT:1  then
>>    arguably compliance has not been achieved.
>>    2. If, conversely, a server honors a well formed DNT:1 set by a
>>    vendor or intermediary, absent such being the actual preference of the the
>>    user, again preference has not been honored and compliance not maintained.
>>
>> For the second case: I'm not aware of anything in draft specifications
>> that would make a server non-compliant if it treated a user that hadn't
>> expressed a DNT:1 preference as if it had. For example, we don't have any
>> requirements that a user who arrives with DNT:0 must be tracked. You might
>> confuse a user if you provide a very different experience under DNT:1 and
>> it was inserted by an intermediary unbeknownst to the user, but I don't see
>> any issues with compliance with this group's specifications.
>>
>> Thanks,
>> Nick
>>
>>
>

Received on Wednesday, 13 June 2012 14:36:36 UTC