RE: Are we trying to build a compliance system on poorly-defined core concepts?

OK, I will propose some text changes along those lines. 

But I don't exclude network proxies (or intermediaries implemented as device-based HTTP stack components below the user-agent layer, e.g. antivirus programs) if the user is informed that these intermediaries are involved in the management of privacy preferences (e.g. DNT) upon user request. In that case, the intermediaries are not "imposed by the network", but are engaged in serving the user's preferences by request of the user.

Bryan Sullivan 

> -----Original Message-----
> From: Roy T. Fielding []
> Sent: Sunday, October 07, 2012 9:22 PM
> Cc: Working Group
> Subject: Re: Are we trying to build a compliance system on poorly-
> defined core concepts?
> A proxy is, by definition, an intermediary that acts on behalf of the
> user.
> A gateway (a.k.a., reverse proxy) is an intermediary that acts on behalf
> of an origin server.  So, all you have to say is "user agent or proxy"
> and you cover what you intend for HTTP, though you will have to exclude
> proxies that are imposed by the network if you want to retain actual
> user choice.
> ....Roy
> On Oct 5, 2012, at 7:00 AM, SULLIVAN, BRYAN L wrote:
> > Ok, I'm not meaning to challenge HTTP 1.1, but if an intermediary acts
> as an HTTP client on behalf of the user, e.g. an anomymizing proxy or
> other proxy/gateway which provides value-added services to the user
> (e.g. Opera mini server or WAP gateway/proxy), I think it can serve
> similar objectives as other "agents", e.g. HTTP client functionality,
> Web content processing, etc. My goal here is again not to challenge the
> definition of user agent but to clarify that what we mean by user agent
> in the TPE (at least for expression of user tracking preference via a
> DNT header) can extend to network-based software components that act on
> behalf of the user. At the least, we need to ensure that there is no
> language in the TPE or TCS that would forbid this valid implementation
> approach.
> >
> > Thanks,
> > Bryan Sullivan
> >
> > On Oct 5, 2012, at 1:19 PM, "Roy T. Fielding" <>
> wrote:
> >
> > On Oct 5, 2012, at 4:12 AM, Bryan Sullivan wrote:
> >
> >> To be clear, I am proposing three new issues be raised and I will
> propose
> >> text for:
> >> 1) Clarify that multiple users may use a specific device/user-agent
> >> 2) Address TPE changes to refect multi-user/shared device use cases
> >> 3) Update user agent definition to include proxy user agents
> >
> > To be clear, the latter will not be accepted.  DNT depends on HTTP,
> > and a proxy is never a user agent.  It is a proxy.  So if you need
> > some requirements changed, then suggest ways in which they can be
> > phrased as "user agent or proxy" rather than try to change UA to
> > include proxy.
> >
> > ....Roy
> >

Received on Monday, 8 October 2012 23:17:17 UTC