httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 53845] Remove DNT settings from httpd.conf
Date Thu, 13 Sep 2012 01:07:30 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=53845

--- Comment #7 from Jonathan Mayer <jmayer@stanford.edu> ---
Contrary to Roy Fielding's frequent and vocal assertions, the W3C Tracking
Protection Working Group has *not* decided that a browser with a preselected
first-run option is noncompliant, nor has it decided that a website may ignore
a well-formed "DNT" header from a noncompliant user agent.

The Working Group had an in-depth call about browser settings on June 6.
Minutes: http://www.w3.org/2012/06/06-dnt-minutes
Summary: http://lists.w3.org/Archives/Public/public-tracking/2012Jun/0110.html

Quoting directly from Co-Chair Aleecia McDonald's summary:

> (1) Today we reaffirmed the group consensus that a user agent MUST NOT set a default
of DNT:1 or DNT:0, unless the act of selecting that user agent is itself a choice that expresses
the user's preference for privacy. In all cases, a DNT signal MUST be an expression of a user's
preference.
> . . .
> Implication A: Microsoft IE [10 Beta, not Release], as a general purpose user agent,
will not be able to claim compliance with DNT once we have a published W3C Recommendation.
As a practical matter they can continue their current default settings, since DNT is a voluntary
standard in the first place. But if they claim to comply with the W3C Recommendation and do
not, that is a matter the FTC (and others) can enforce.
> . . .
> (3) Today we discussed, but did not agree upon, what role the specification does or does
not have in dealing with a non-compliant user agent. We still have more to talk about here
to make sure we all understand the full decision space.

Apple's David Singer, an Editor, phrased the distinction between a first-run
option and a silent default quite well:

> . . . I take 'default' to mean what happens if you don't do anything. If it asks every
user on install/first-use, then every user is expressing a preference, and there is no 'default'.
The most that there can be is a suggestion, or an initially checked box, suggesting that the
user take a certain choice or direction, but it's no longer a 'default' . . . .

Justin Brookman from the Center for Democracy and Technology, another Editor,
has helpfully summarized where the draft text stands on the released version of
Internet Explorer 10:

> It is inaccurate to say that IE10's implementation is inconsistent with the spec . .
. . The Windows flow presents information about DNT along with several other options; as an
opt-in flow, you could argue that DNT should be called out more prominently, but I have seen
a lot worse.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message