(USERTRACKING) Draft text
Koen Holtman (koen@win.tue.nl)
Sat, 13 Apr 1996 22:43:16 +0200 (MET DST)
The following issue, owned by Brian Behlendorf, is on the HTTP/1.1
issues list:
* BB USERTRACKING Privacy from user tracking based on accept
([holtman 6.2, 6.3])
I mailed Brian for status about this on April 7, but he has not
responded so far. I'll take over the issue until I hear from Brian.
Below is proposed text for the 1.1 draft, adapted from [holtman 6.2,
6.3].
I'd like to close this issue in a few days: I do not think it is very
controversial. If you have any comments on, or improvements for, the
text below, please send them in private e-mail. I'll summarize on the
list.
Koen.
----snip----
[## Note: the text below could be in a separate section, but could
also be added to the existing section 14.7 on `Privacy issues
connected to Accept headers'.##]
14. Security Considerations
14.x User tracking based on accept headers
Elaborate user-customized accept header fields sent in every
request, in particular if these include quality values, can be used
by servers as relatively reliable and long-lived user identifiers.
Such user identifiers would allow content providers to do
click-trail tracking, and would allow collaborating content
providers to match cross-server click-trails or form submissions of
individual users. Note that for many users not behind a proxy, the
network address of the host running the user agent will also serve
as a long-lived user identifier. In environments where proxies are
used to enhance privacy, user agents should be conservative in
offering accept header configuration options to end users. As an
extreme privacy measure, proxies could filter the accept headers in
relayed requests. General purpose user agents which provide a high
degree of header configurability should warn users about the loss
of privacy which can be involved.
[End of text]