Re: Agenda for 2012-02-01 call (V02: added more incoming issues with text)

Could there be a time period at which SHOULD--> MUST?  I think you are right about adoption in terms of mind-share, but in terms of actual adoption engineers need to prioritize.

Also, is this linked to the proposal for a DNT:2 option?  Otherwise the response header can never be the last word on compliance if there is no way to distinguish between a company who is choosing not to comply and a company that has not yet complied.

On Jan 31, 2012, at 7:22 AM, Shane Wiley wrote:

> To add more to the SHOULD side of the discussion:
>  
> By allowing a SHOULD on response headers will allow companies across the globe, large and small, as well as trade organizations, to immediately embrace the DNT standard, move forward with implementations, and include DNT in Codes of Conduct.
>  
> If we move forward with a MUST on response headers, it may prove to be a motivator for implementation but will likely take months and years for full compliance.  Large companies will move forward with implementation of response headers regardless of the SHOULD/MUST outcome, but I fear that regulators and some advocates will deem this working group’s efforts a failure if industry-wide support of DNT drags on for an extended period of time.  There are natural incentives to support response headers (as the draft text points out) so I would suggest we allow these market forces to drive the appropriate outcome.
>  
> - Shane
>  
> From: David Singer [mailto:singer@apple.com] 
> Sent: Tuesday, January 31, 2012 7:43 AM
> To: Matthias Schunter
> Cc: Tracking Protection Working Group WG
> Subject: Re: Agenda for 2012-02-01 call (V02: added more incoming issues with text)
>  
>  
> On Jan 31, 2012, at 13:12 , Matthias Schunter wrote:
> 
> 
> 
> 7. Collect arguments "SHOULD" vs. "MUST" for response headers
>     https://www.w3.org/2011/tracking-protection/track/issues/120
>  
>  
> Since I can't be on the call…
>  
> Background: We have a service that claims compliance to the protocol, responding to a DNT request.
>  
> If the response header is only a SHOULD, then we need to define a default.  We could say "for cacheable objects, the default value is "not trackable"; for all others it is "I may be tracking you (claiming all possible exceptions)".  The UA will have to work out whether the service is 1st or 3rd party, to work out which set of exceptions are possibly claimed.  In addition, it's possible that the entity determining the default is not able to see the cache headers (there were discarded by the HTTP end-point) and that it therefore erroneously concludes that untrackable resources are potentially being tracked.
>  
> The advantage of a SHOULD is that the service only needs to add the header in the systems that handle tracking; ordinary (cacheable) resource delivery would not need any engineering changes, to remain in compliance (even if that's dangerous).
>  
> David Singer
> Multimedia and Software Standards, Apple Inc.
>  

Lauren Gelman
BlurryEdge Strategies
415-627-8512
gelman@blurryedge.com
http://blurryedge.com

Received on Wednesday, 8 February 2012 20:52:10 UTC