- From: Peter Cranstone <peter.cranstone@gmail.com>
- Date: Wed, 13 Jun 2012 08:40:02 -0600
- To: <ifette@google.com>
- CC: Nicholas Doty <npdoty@w3.org>, "Dobbs, Brooks" <brooks.dobbs@kbmg.com>, Justin Brookman <jbrookman@cdt.org>, <public-tracking@w3.org>
- Message-ID: <CBFE01B5.3154%peter.cranstone@gmail.com>
Nope. Still fails your test. You have no idea who made the decision. So using your logic every copy of MSIE is non compliant because Microsoft shipped it by default. If I get a copy of windows 8, turn it off and then turn it on BEFORE I send a request to a server how do you know? The server only knows one thing – DNT:1 that's it. It has NO idea who set it, you, the OEM or a 3rd party add on. Peter ___________________________________ Peter J. Cranstone 720.663.1752 From: "Ian Fette (イアンフェッティ)" <ifette@google.com> Reply-To: <ifette@google.com> Date: Wednesday, June 13, 2012 8:36 AM To: Peter Cranstone <peter.cranstone@gmail.com> Cc: Nicholas Doty <npdoty@w3.org>, "Dobbs, Brooks" <brooks.dobbs@kbmg.com>, Justin Brookman <jbrookman@cdt.org>, W3 Tracking <public-tracking@w3.org> Subject: Re: Today's call: summary on user agent compliance > The point is that with IE your decision is masked by MSFT's default. If you > turn it off, I know that you've made a decision, but if you turn it back on > again I have no way of knowing if you're a user that made a decision or not. > > With FF it is __NOT__ proposed to be "off" by default. It is proposed to be > unset by default. You turn it on I know you made an explicit decision. You set > it to off and I know you made an explicit decision. > > -Ian > > On Wed, Jun 13, 2012 at 7:27 AM, Peter Cranstone <peter.cranstone@gmail.com> > wrote: >> Nope. >> >> I install MSIE and it's on by default. So I turn it off. 2 days later I >> decide I want to turn it on again. >> >> I install FF and it's off by default. So I turn it on. 2 days later I decide >> I want to turn it off again. >> >> There's no functional difference between those two statements. The spec >> cannot determine "who" turned it on or off. >> >> >> Peter >> ___________________________________ >> Peter J. Cranstone >> 720.663.1752 <tel:720.663.1752> >> >> >> From: "Ian Fette (イアンフェッティ)" <ifette@google.com> >> Reply-To: <ifette@google.com> >> Date: Wednesday, June 13, 2012 8:24 AM >> To: Peter Cranstone <peter.cranstone@gmail.com> >> Cc: Nicholas Doty <npdoty@w3.org>, "Dobbs, Brooks" <brooks.dobbs@kbmg.com>, >> Justin Brookman <jbrookman@cdt.org>, W3 Tracking <public-tracking@w3.org> >> >> Subject: Re: Today's call: summary on user agent compliance >> >>> The difference is that with IE you can't tell, and with FF you can tell. >>> >>> As for being set by intermediary, we prohibited that in the spec as well, >>> but there's not a great way to tell this. Presumably you might see something >>> like "100% of users coming from this ASN are using DNT" if you cared to >>> look, but it is a much harder question. >>> >>> -Ian >>> >>> On Wed, Jun 13, 2012 at 7:18 AM, Peter Cranstone <peter.cranstone@gmail.com> >>> wrote: >>>> Nick, >>>> >>>> Question: How do you know if this is 'truly the preference of the user'? >>>> >>>> For example >>>> 1. I install Windows 8 and MSIE sends the DNT:1 header by default. >>>> 2. I install Firefox 12 or 13 and then turn on DNT:1 >>>> What's the difference that you can determine with server code? >>>> >>>> Second question: How do you know it's been set by a vendor or intermediary? >>>> * Proxy server adds DNT:1 to all outgoing HTTP requests. >>>> * Server sees DNT:1 on the incoming request there's been NO other change >>>> to the UA >>>> >>>> >>>> Peter >>>> ___________________________________ >>>> Peter J. Cranstone >>>> 720.663.1752 <tel:720.663.1752> >>>> >>>> >>>> From: Nicholas Doty <npdoty@w3.org> >>>> Date: Wednesday, June 13, 2012 12:26 AM >>>> To: "Dobbs, Brooks" <brooks.dobbs@kbmg.com> >>>> Cc: Justin Brookman <jbrookman@cdt.org>, W3 Tracking >>>> <public-tracking@w3.org> >>>> >>>> Subject: Re: Today's call: summary on user agent compliance >>>> Resent-From: W3 Tracking <public-tracking@w3.org> >>>> Resent-Date: Wed, 13 Jun 2012 06:27:03 +0000 >>>> >>>>> On Jun 8, 2012, at 4:27 PM, Dobbs, Brooks wrote: >>>>> >>>>>> I think the problem is that compliance is based on both sides ability to >>>>>> honor user preference. If one side forges user preference, and the other >>>>>> side can correctly only be compliant by acting on actual user preference, >>>>>> there is an untenable situation. Where a UA sends a well formed header >>>>>> absent having obtained a preference from the user, the recipient server >>>>>> will always be forced into non-compliance, no matter which action it >>>>>> takes. >>>>>> >>>>>> Two cases come to mind: >>>>>> 1. If a UA sends a DNT:1 by default, AND this is truly the preference of >>>>>> the user, if the server fails to respond accordingly to DNT:1 then >>>>>> arguably compliance has not been achieved. >>>>>> 2. If, conversely, a server honors a well formed DNT:1 set by a vendor or >>>>>> intermediary, absent such being the actual preference of the the user, >>>>>> again preference has not been honored and compliance not maintained. >>>>> For the second case: I'm not aware of anything in draft specifications >>>>> that would make a server non-compliant if it treated a user that hadn't >>>>> expressed a DNT:1 preference as if it had. For example, we don't have any >>>>> requirements that a user who arrives with DNT:0 must be tracked. You might >>>>> confuse a user if you provide a very different experience under DNT:1 and >>>>> it was inserted by an intermediary unbeknownst to the user, but I don't >>>>> see any issues with compliance with this group's specifications. >>>>> >>>>> Thanks, >>>>> Nick >>> >
Received on Wednesday, 13 June 2012 14:40:50 UTC