RE: ACTION-212: Draft text on how user agents must obtain consent to turn on a DNT signal

Agree with Roy here.  If servers must honor DNT:1 signals from non-compliant UAs, then we are essentially saying that DNT means whatever the UA decides it will mean.  That would be a bad precedent to set.

-----Original Message-----
From: Roy T. Fielding [mailto:fielding@gbiv.com] 
Sent: Thursday, November 01, 2012 6:33 PM
To: John Simpson
Cc: public-tracking@w3.org Group WG
Subject: Re: ACTION-212: Draft text on how user agents must obtain consent to turn on a DNT signal

On Oct 31, 2012, at 2:32 PM, John Simpson wrote:

> Not to imply that I agree that a server can ignore a facially valid DNT message, however the WG comes on this, I'd say if a server plans to disregard DNT it MUST notify the UA.

Please understand that it is necessary, for the survival of the Web, that a server have the ability to disregard protocol elements that do not adhere to their assigned semantics.  It is one of the very few aspects of the Web that allow it to survive the tragedy of the commons.
I cannot emphasize enough that this principle is far more important than anything the W3C has worked on, including DNT.

If automated transparency is desired, then the solution is to provide a means for the server to say that it won't comply with an invalid signal.
In order for that to be required, it must be a mechanism usable by servers that have no direct access to the GUI, including redirect handlers and beacons, which means it must be in the tracking status value.

If no protocol mechanism is provided, then it is likely that users will be notified via the privacy policy, assuming that the server adheres to any DNT signals.

....Roy

Received on Monday, 5 November 2012 20:54:01 UTC