- From: David Singer <singer@apple.com>
- Date: Tue, 22 Jan 2013 12:36:56 +0100
- To: David Wainberg <david@networkadvertising.org>
- Cc: "Matthias Schunter (Intel Corporation)" <mts-std@schunter.org>, "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org>
On Jan 21, 2013, at 23:27 , David Wainberg <david@networkadvertising.org> wrote: > Hi Matthias, > > On 1/21/13 2:56 PM, Matthias Schunter (Intel Corporation) wrote: >> ISSUE-153: What are the implications on software that changes requests but does not necessarily initiate them? >> https://www.w3.org/2011/tracking-protection/track/issues/153 >> Proposed text (by david and nick): "Software outside of the user agent that causes a DNT header to be sent (or modifies existing headers) MUST NOT >> do so without following the requirements of this section; such software is responsible for assuring the expressed preference reflects the user's intent." > > I have pointed out previously (multiple times) that there are proposed alternatives to this language. http://lists.w3.org/Archives/Public/public-tracking/2012Dec/0030.html > > Is there something else I need to do to ensure those alternatives stay with this issue? Hi David one problem is that the two alternatives both have issues: "A UA that allows or enables other software to alter the DNT setting MUST ensure that such alteration reflects the user's intent." The UA doesn't "allow" a proxy or other gateway to insert or modify headers; it's just something that happens. There is no control that the UA has of the proxy. And Walter suggested this, which I could accept in lieu of my proposal: "A UA MUST incorporate detection mechanisms for alteration of DNT-preferences by third-party software (including third-party UA-extensions and plugins) and MUST upon detection of such changes verify with the user that they reflect the user's intentions. The UA MAY provide the user with the option to ignore future changes in the DNT-preferences or to automatically change them back to a user-set preference." Since the UA can't currently tell what DNT header (if any) is actually reaching the sites, it has no way to detect if it's different from the one it thought it sent, so the MUST is unachievable, alas. David Singer Multimedia and Software Standards, Apple Inc.
Received on Tuesday, 22 January 2013 11:37:45 UTC