RE: any additional Proposals on UA requirement to handle exceptions

Walter,

I believe the problem we're attempting to solve for is different/broader than the one you are speaking to.  I see DNT as a method of bi-directional communication (a conversation) about a user's preferences - whereas I think you see this is a solely a one-way command.  For a conversation to occur, there needs to be balance in representation and completeness in requests and responses.

Let's agree to disagree.  For a successful DNT standard where we expect Servers to implement, I believe it's imperative we have balance.

a) how would this not be an informed opt-out?
Non-compliant UA

b) how is this fundamentally different from a user that uses a UA that meets your requirements but just never grants an exception?
The outcome is no different but the opportunity to make a different choice is absent therefore the situation is non-compliant.

c) how is this different from a user that uses a UA that has javascript turned off by default and keeps it turned off for third-party content?
The outcome is no different but the opportunity to make a different choice is absent therefore the situation is non-compliant.

d) how is the server going to know that there is no UGE support at all other than through discrimination based on user agent strings?"
The user agent string is key in understanding compliance (for example, IE10).

- Shane

-----Original Message-----
From: Walter van Holst [mailto:walter.van.holst@xs4all.nl] 
Sent: Friday, December 06, 2013 12:51 PM
To: public-tracking@w3.org
Subject: Re: any additional Proposals on UA requirement to handle exceptions

On 06/12/2013 18:35, Shane M Wiley wrote:
> Walter,
> 
> If Web Browsers can not fully implement DNT TPE, why are Servers required to fully implement?  It's this balance that's completely missing in your argument.

I don't see any reasonable equivalence here that would warrant such a comparison. Ultimately DNT tries to address a server-side problem, so I don't see a need to 'balance' the standard by adding burdens on the UA side of things. The basic principle is simple: if you have no proof that the DNT signal you receive is a misrepresentation of the user's intentions, then you should honour it.

What I do perceive however is several parties at the table doing their utmost not to create a standard and if there must be a standard a standard without consequences and if there must be consequences then the standard must allow for as many pretexts to ignore a DNT:1 signal as possible. Or to make it otherwise as convoluted as possible. Even if that means that the visually impaired get no say in their online privacy.

> As far as your questions, perhaps I missed those - can you please resend?

>From my earlier message, which you answered:

"Or even a more likely use case:

A visually impaired person uses a screenreader and a text-only web browser such as lynx. He or she has a router configured to insert DNT:1 for any network interaction that has DNT unset, as configured per the explicit wishes of the user.

a) how would this not be an informed opt-out?
b) how is this fundamentally different from a user that uses a UA that meets your requirements but just never grants an exception?
c) how is this different from a user that uses a UA that has javascript turned off by default and keeps it turned off for third-party content?
d) how is the server going to know that there is no UGE support at all other than through discrimination based on user agent strings?"

Please answer each of them.

Regards,

 Walter

Received on Friday, 6 December 2013 19:50:16 UTC