Re: Modifying a DNT Header (ISSUE-153, ACTION-285)

On 2012-11-08, at 3:16 PM, David Wainberg <<>> wrote:

The extension is not a program of its own. It is, by definition, an extension of the enclosing software, relying on the functionality provided by that software, and subject to the limitations imposed by that software. The browser can indeed peek over the extension's shoulder and ensure that the user's preference is accurately reflected in the signal that the browser sends.

The relevant technical point is that the code in an extension is provided by the extension's author, not by the author of the browser.  The browser does not know what a given extension does; indeed it cannot, as Ian's comment emphasizes.  Alan Turing proved in 1936 that it's _mathematically_ impossible to write a program that can always determine what another program does.

The extension is a "program of its own" that is executed by the browser, just like an application is a "program of its own" that is executed by an operating system.  We do not expect operating systems to certify that all applications always reflect user intent, because it is technologically impossible for them to do so.  We should not expect browsers to certify that all extensions always reflect user intent, because it is technologically impossible for them to do so.

It might be that you are imagining that the browser could monitor what each extension does as it runs, to make sure that properly meaningful user interactions about DNT take place.  (This by itself would require a radical revision in how browser extension architectures work.)  But the browser couldn't understand what questions the extension is asking a user -- what if the question is in German?  Nepali?  Even then the process of linking up the user's answer to the extension's DNT settings would go right back down the impossible rabbit hole of the halting problem.

If the browser has to certify that an extension has properly obtained user consent, then a browser could comply only by (a) preventing extensions from affecting DNT, (b) taking complete control of the DNT UI, or (c) disabling all extensions.  These are all technically feasible, if you want to propose one of them.

I'm not trying to cut off discussion about:
* Asking extensions to conform to the same user-intent standards (whatever they are) as browsers,
* Finding ways for users, browsers, and servers to detect and limit exposure to bad-actor extensions,
* Finding ways for good-actor extensions to state their bona fides, or
* Suggesting best practices for good-actor extensions

I'm just trying to head off discussion about computational impossibilities.  Asking one program to understand another program is a computer-science dead-end.


James Grimmelmann              Professor of Law
New York Law School                 (212) 431-2864
185 West Broadway<>
New York, NY 10013

Received on Thursday, 8 November 2012 21:17:34 UTC