A quick check would be to see if the # requests/day has gone up.
If it has, then there is a good chance that you have NTS.
> We're also not happy about the fact that people's user id's are being
..
> moved elsewhere (in our case, and I suspect many other large orgs,
> this is also a violation of our security policies)?
This has been in the HTTP spec for a long time:
http://info.cern.ch/hypertext/WWW/Protocols/HTTP/HTRQ_Headers.html
If it isn't acceptable at your site then you can deal with it in your
proxy but it shouldn't be a surprise.
I actually hope that other browers follow (wouldn't it be cool if your
reply address was already filled in on forms...).
--sanders