Difference Between What is Loggable and What Ought to be Logged
Notes:
- There is definitely a gap between what people think is logged versus what they think ought to be logged for each page requested on the WWW (see: What Information Ought To Be Collected Per Page Request for more information). The below graph illustrates where these differences occur and to what extent. These findings closely resemble those from the Sixth survey.
- There is rough agreement and knowledge that the requested page and time of the request are logged. However, when it comes to the ability to record the machine name issuing the request (difference 48.79%) and to uniquely identify users across sessions (difference 40.03%) for example via cookies, users differ greatly with in what they'd want to be logged and what is common practice. That is, while 60.67% of the users correctly believe that a persistent session IDs can be recorded, only 20.75% feel that this should be done--which has serious possible ramifications for those entities, technologies, and applications that rely upon cookies.
- The ability to record a user's email address (difference 37.85%) per page request also showed a great difference, but unlike the others, this is not possible in the straightforward implementation of the HTTP 1.0 and 1.1 protocol. This reveals a common misconception amongst Web users, possibly attributed to earlier faulty security implementation by Netscape of Java and JavaScript, and lack of trust of Microsoft's Internet Explorer behavior. These numbers represent all users, independent of strata.
For more information or to submit comments:
send e-mail to www-survey@cc.gatech.edu.
GVU's WWW Surveying Team
Graphics, Visualization, & Usability Center
College of Computing
Georgia Institute of Technology
Atlanta, GA 30332-0280