- From: Matthias Schunter <mts@zurich.ibm.com>
- Date: Tue, 04 Oct 2011 10:11:35 +0200
- To: Matthias Schunter <mts@zurich.ibm.com>, "Aleecia M. McDonald" <aleecia@aleecia.com>, Thomas Roessler <tlr@w3.org>, Nick Doty <npdoty@w3.org>, public-tracking@w3.org
Dear DNT Team, We would like to start discussions in writing to resolve selected issues. The task at hand is to - Define the elements that should go into the response header Related issues are ISSUE-47 Should the response from the server point to a URI of a policy (or an existing protocol) rather than a single bit in the protocol? ISSUE-48 Response from the server could both acknowledge receipt of a value and (separately) whether the server will honor it ISSUE-51 Should 1st party have any response to DNT signal ISSUE-76 Should a server echo the DNT header to confirm receipt? ISSUE-79 Should a server respond if a user sent DNT:0? ISSUE-80 Instead of responding with a Link: header URI, does it make sense to use a well-known location for this policy? ISSUE-81 Do we need a response at all from server? ISSUE-87 Should there be an option for the server to respond with "I don't know what my policy is" The goal of this excercise is to provide input that allows the editor to propose a protocol message specification for our Recommendation. Feel free to provide additional inputs. The editor of the definitions chapter will then propose a strawman that will then be published for comments. Regards, matthias ============================== Text SNIPLETS FROM INPUT DOCUMENTS http://www.w3.org/2011/tracking-protection ----------------------------------------- --- The FTC staff report ----------------------------------------- --- FTC guidelines for behavioral targeting ----------------------------------------- --- IAB Self-Regulatory Principles for Online Behavioral Advertising ----------------------------------------- --- Do Not Track Cookbook ----------------------------------------- --- IETF proposal for Do Not Track 8.4. Response Header RECOMMENDED In responding to a request that includes a Do Not Track header, a third-party server that complies with Do Not Track SHOULD echo the request header. For example: GET /thirdpartycontent.html HTTP/1.1 Host: thirdparty.example.com DNT: 1 HTTP/1.1 200 OK Date: Mon, 7 March 2011 01:23:45 GMT Server: Apache/2.2.17 (Unix) Content-Length: 123 Connection: close Content-Type: text/html; charset=UTF-8 DNT: 1 This feature is intended to aid in the decentralized collection of statistics about the Do Not Track mechanism, including adoption rates and intermediary operations. It is also intended to clearly identify whether a request was processed in compliance with Do Not Track. ----------------------------------------- --- Electronic Frontier Foundation (EFF) discussion of Do Not Track ----------------------------------------- --- The Center for Democracy and Technology (CDT) DNT proposal ----------------------------------------- --- Mozilla Do Not Track Field Guide ----------------------------------------- --- Microsoft Web Tracking Protection, member submission to W3C -- Dr. Matthias Schunter, MBA IBM Zurich Research Laboratory, Ph. +41 (44) 724-8329 Homepage: www.schunter.org, Email: schunter(at)acm.org PGP Fingerprint 989AA3ED 21A19EF2 B0058374 BE0EE10D
Received on Tuesday, 4 October 2011 09:45:10 UTC