Re: ACTION-211 Draft text on how user agents must obtain consent to turn on a DNT signal

Hi Brooks,

On 6/14/2012 10:39 AM, Dobbs, Brooks wrote:
>> trouble is that IE 10 is not non-compliant for all possible cases.
>> >  There are tools that are non-compliant for all possible cases.
> I am not sure I agree with that statement.  If IE10's compliance job is to
> communicate user preference in a manner that is discernable to a server,
> when does it achieve this end?  As has been pointed out, IE makes it
> impossible to discern between a DNT:1 that is or is not an expressed user
> preference.

We have yet to see MSIE's implementation, so I do not understand how you 
can categorically state this. In the implementation below, MSIE is 
perfectly capable of clearly communicating user expression as defined by 
the spec:


MSIE: DNT-1 (set by default)
Server: Neg ACK (I have taken a look at MSIE's implementation of the 
standard and I do not deem this DNT-1 to be a valid expression of user 
choice).
MSIE: prompts the user (through an in-browser dashboard it has 
developed): this server has failed to acknowledge your DNT-1. Please 
select one of the following a.) I don't want to be tracked by this 
server; b.) I do want to be tracked by this server; c.) I'm generally ok 
with being tracked, please stop bothering me.
User: I pick 'a.) I don't want to be tracked by this server'
MSIE: DNT-1 (again)
Server: ????

The server is basing its rejection of the first DNT-1 on its own 
research and the assessment that it did not result from 'user choice'. I 
don't think it can do so for the second DNT-1. Indeed, this second DNT-1 
is fully compliant as far as I can tell.

Received on Thursday, 14 June 2012 13:49:38 UTC