On 9/12/13 1:18 PM, Dave Crocker wrote:
"privacy properties of IETF protocols and concrete ways in which
those could be improved."
One obvious thing is the amount of (usually unnecessary) information
leaked by the User-Agent field in HTTP.
Should we downgrade the User-Agent field (section 14.43 of RFC 2616)
from a SHOULD to a MAY?
Or, if that's too radical, should we standardize a small number of fixed
strings to use in the User-Agent field? (For example, "Desktop/1.0" for
desktop browsers, "Mobile/1.0" for mobile browsers, "Text/1.0" for text
browsers like Lynx, "Batch/1.0" for non-interactive clients like curl
which are performing a task more specific than crawling the web, and
"Robot/1.0" for clients which are crawling the web?)
--Patrick
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
