Re: Some half-baked thoughts about cookies.

Hiya,

On 16/08/18 08:20, Mike West wrote:
> On 16/08/18 03:26, Amos Jeffries wrote:
>> As you say, its a neutral proposal. That itself places it on the losing
>> side in the perfection-or-nothing battle.
> 
> I agree with this assessment, and I'd suggest that we're unlikely to
> practically deploy perfection (assuming that we can even define it!). This
> proposal feels radical in some ways, and would have some interesting
> impacts if deployed. I look forward to exploring those with y'all. :)

I don't think asking that we aim for a better than ~neutral
privacy outcome is fairly cast anything related to perfection.
(I'm not saying anyone's being unfair, it's just not particularly
useful rhetoric;-)

I do think we ought try for, and perhaps require, any long
term cookie dis/re-placement scheme have better privacy
properties than the current miasma.

I fully agree that aiming for better than ~neutral makes a
hard problem harder though, and maybe we'd find that there's
no feasible approach. OTOH, in one recent case (SNI encryption),
we do seem to have made progress despite that problem appearing
practically unsolveable for quite a while.

What I'm asking is that, if doing this, we aim for a real
improvement in privacy too, and include relevant actors and
incentives in the analysis. We might fail to meet that goal
of course, but I reckon we really ought try.

Cheers,
S.

Received on Thursday, 16 August 2018 07:54:26 UTC