- From: Walter van Holst <walter.van.holst@xs4all.nl>
- Date: Mon, 21 Apr 2014 12:19:26 +0200
- To: public-tracking@w3.org
On 18/04/2014 20:22, Roy T. Fielding wrote: > On Apr 18, 2014, at 10:41 AM, Walter van Holst wrote: > >> Rob already as argued for this better than I can. It only stands to >> reason that syntactically well-formed DNT requests are honoured without >> second guessing the user. > No, that doesn't stand to reason, anywhere. We don't honor requests > from clients that match the pattern of a denial of service attack. That is what the permitted uses are for, among other things. > We don't honor purchases made with a stolen credit card. We don't > honor requests that appear to be gatewayed through a phishing site. Again, permitted uses. > We frequently don't honor requests that pass through an export-controlled > location. And we sure don't honor HTTP protocol fields from user agents > that lie about their capabilities or semantics In my opinion that might qualify as an exception to a MUST rule. > > I will never support a standard that allows a user agent to lie about > its semantics to a server without any corresponding power of the server > to recognize that lie and work around the bug. That would only > encourage unscrupulous actors to manipulate standard protocols for > their own personal gain. Genuinely curious about examples of those, and their gains. > > If a user agent does not adhere to the semantics of the protocol, > the signal will be ignored. This is not subject to the WG's opinion. > Whether or not a "D" is sent after a signal is ignored is what > is subject to the WG's opinion. > Sending a D upon ignoring a signal would be another MUST in my book (perhaps except in the cases of permitted use). Regards, Walter
Received on Monday, 21 April 2014 10:21:07 UTC