Re: Issue-207

On Apr 18, 2014, at 10:41 AM, Walter van Holst wrote:

> Rob already as argued for this better than I can. It only stands to
> reason that syntactically well-formed DNT requests are honoured without
> second guessing the user.

No, that doesn't stand to reason, anywhere.  We don't honor requests
from clients that match the pattern of a denial of service attack.
We don't honor purchases made with a stolen credit card.  We don't
honor requests that appear to be gatewayed through a phishing site.
We frequently don't honor requests that pass through an export-controlled
location. And we sure don't honor HTTP protocol fields from user agents
that lie about their capabilities or semantics.

I will never support a standard that allows a user agent to lie about
its semantics to a server without any corresponding power of the server
to recognize that lie and work around the bug.  That would only
encourage unscrupulous actors to manipulate standard protocols for
their own personal gain.

If a user agent does not adhere to the semantics of the protocol,
the signal will be ignored.  This is not subject to the WG's opinion.
Whether or not a "D" is sent after a signal is ignored is what
is subject to the WG's opinion.


Received on Friday, 18 April 2014 18:23:12 UTC