- From: CVS User rfieldin <cvsmail@w3.org>
- Date: Wed, 15 Jan 2014 01:40:47 +0000
- To: public-tracking-commit@w3.org
Update of /w3ccvs/WWW/2011/tracking-protection/drafts
In directory gil:/tmp/cvs-serv14022
Modified Files:
tracking-dnt.html
Log Message:
(editorial) split Representation section into subsections
--- /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-dnt.html 2014/01/15 00:33:31 1.230
+++ /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-dnt.html 2014/01/15 01:40:47 1.231
@@ -940,7 +940,7 @@
</section>
<section id='status-caching'>
- <h3>Caching</h3>
+ <h4>Caching</h4>
<p>
If the tracking status is applicable to all users, regardless of
the received <a>DNT-field-value</a> or other data received via the
@@ -995,19 +995,40 @@
</section>
</section>
- <section id='status-representation'>
- <h3>Representation</h3>
- <p>
- An origin server MUST provide a representation of each tracking
- status resource in the JSON format [[!RFC4627]] that conforms to
- the ABNF for <code><a>status-object</a></code> (except that the
- members within each member-list MAY be provided in any order).
- </p>
+ <section id='status-representation'>
+ <h3>Tracking Status Representation</h3>
+ <p>
+ An origin server MUST provide a representation of each tracking
+ status resource in a JSON format [[!RFC4627]] that conforms to
+ the ABNF for <code><a>status-object</a></code> (except that the
+ members within each member-list MAY be provided in any order).
+ </p>
+
+ <section id='rep.status-object'>
+ <h4>Status Object</h4>
<p>
- The following example tracking status representation
- illustrates all of the fields defined by this specification,
- most of which are optional.
+ A tracking status representation consists of a single
+ <code>status-object</code> containing members that describe
+ the tracking status applicable to the <a>designated resource</a>.
</p>
+ <pre class="abnf">
+<dfn>status-object</dfn> = begin-object member-list end-object
+
+<dfn>member-list</dfn> = tracking-p ns tracking-v
+ [ vs compliance ns compliance-v ]
+ [ vs qualifiers ns qualifiers-v ]
+ [ vs controller ns controller-v ]
+ [ vs same-party ns same-party-v ]
+ [ vs audit ns audit-v ]
+ [ vs policy ns policy-v ]
+ [ vs edit ns edit-v ]
+ *( vs extension )
+ </pre>
+ <p>
+ The following example tracking status representation illustrates a
+ status object with all of the properties defined by this
+ specification, most of which are optional.
+ </p>
<pre class="example">
{
"tracking": "T",
@@ -1026,32 +1047,19 @@
"edit": "http://example.com/your/data"
}
</pre>
- <p>
- A tracking status representation consists of a single
- <code><a>status-object</a></code> containing members that describe
- the tracking status applicable to the <a>designated resource</a>.
- </p>
- <pre class="abnf">
-<dfn>status-object</dfn> = begin-object member-list end-object
+ </section>
-<dfn>member-list</dfn> = tracking ns tracking-v
- [ vs compliance ns compliance-v ]
- [ vs qualifiers ns qualifiers-v ]
- [ vs controller ns controller-v ]
- [ vs same-party ns same-party-v ]
- [ vs audit ns audit-v ]
- [ vs policy ns policy-v ]
- [ vs edit ns edit-v ]
- *( vs extension )
- </pre>
+ <section id='rep.tracking'>
+ <h4>Tracking Property</h4>
<p>
A <code><a>status-object</a></code> always has a member named
- <code><a>tracking</a></code> with a string value that consists of
- the tracking status value applicable to the <a>designated resource</a>
- (<a href="#tracking-status-value" class="sectionRef"></a>).
+ <code>tracking</code> with a string value containing
+ the tracking status value
+ (<a href="#tracking-status-value" class="sectionRef"></a>)
+ applicable to the <a>designated resource</a>.
</p>
<pre class="abnf">
-<dfn>tracking</dfn> = %x22 "tracking" %x22
+<dfn>tracking-p</dfn> = %x22 "tracking" %x22
<dfn>tracking-v</dfn> = %x22 TSV %x22
</pre>
<p>
@@ -1062,10 +1070,13 @@
<pre class="example">
{"tracking": "N"}
</pre>
- <div class="option">
+ </section>
+
+ <section id='rep.tracking' class="option">
+ <h4>Compliance Property</h4>
<p>
An origin server MAY send a member named
- <code><a>compliance</a></code> with an array value containing
+ <code>compliance</code> with an array value containing
a list of URI references that identify specific regimes to which
the origin server claims to comply for the designated resource.
Communicating such a claim of compliance is presumed to improve
@@ -1077,37 +1088,44 @@
<dfn>compliance</dfn> = %x22 "compliance" %x22
<dfn>compliance-v</dfn> = array-of-refs
</pre>
- </div>
<p class="issue" data-number="239" title="Should tracking status representation include an array of links for claiming compliance by reference?">
[RAISED] Text above is proposed resolution.
</p>
+ </section>
+
+ <section id='rep.qualifiers'>
+ <h4>Qualifiers Property</h4>
<p>
- An origin server MAY send a <code><a>status-object</a></code>
- member named <code><a>qualifiers</a></code> with a string value
+ An origin server MAY send a
+ member named <code>qualifiers</code> with a string value
containing a sequence of case sensitive characters corresponding
to explanations or limitations on the extent of tracking.
Multiple qualifiers indicate that multiple explanations or forms
of tracking might apply for the designated resource.
The meaning of each qualifier is presumed to be defined by one
- or more of the regimes listed in <a>compliance</a>.
+ or more of the regimes listed in <code><a>compliance</a></code>.
</p>
<pre class="abnf">
<dfn>qualifiers</dfn> = %x22 "qualifiers" %x22
<dfn>qualifiers-v</dfn> = %x22 *qualifier %x22
<dfn>qualifier</dfn> = id-char
</pre>
+ </section>
+
+ <section id='rep.controller'>
+ <h4>Controller Property</h4>
<p>
An origin server MAY send a member named
- <code><a>controller</a></code> with an array value containing
+ <code>controller</code> with an array value containing
a list of URI references indirectly identifying the party or
set of parties that claims to be the responsible data controller
for personal data collected via the designated resource. An origin
- server MUST send a <code><a>controller</a></code> member if the
+ server MUST send a <code>controller</code> member if the
responsible data controller does not own the designated resource's
domain name.
</p>
<p>
- An origin server that does not send <code><a>controller</a></code>
+ An origin server that does not send <code>controller</code>
is implying that its domain owner is the sole data controller;
information about the data controller ought to be found on the
designated resource's site root page, or by way of a clearly
@@ -1118,11 +1136,11 @@
If the <a>designated resource</a> has joint data controllers
(i.e., multiple parties have independent control over the
collected data), the origin server MUST send a
- <code><a>controller</a></code> member that contains a reference
+ <code>controller</code> member that contains a reference
for each data controller.
</p>
<p>
- Each URI reference provided in <code><a>controller</a></code>
+ Each URI reference provided in <code>controller</code>
MUST refer to a resource that, if a retrieval action is performed
on that URI, would provide the user with information regarding
(at a minimum) the identity of the corresponding party and
@@ -1132,6 +1150,10 @@
<dfn>controller</dfn> = %x22 "controller" %x22
<dfn>controller-v</dfn> = array-of-refs
</pre>
+ </section>
+
+ <section id='rep.same-party'>
+ <h4>Same-party Property</h4>
<p>
Since a user's experience on a given site might be composed of
resources that are assembled from multiple domains, it might be
@@ -1139,14 +1161,14 @@
their own control (i.e., share the same data controller as the
referring site).
An origin server MAY send a member named
- <code><a>same-party</a></code> with an array value containing a
+ <code>same-party</code> with an array value containing a
list of domain names that the origin server claims are the same
party, to the extent they are referenced by the designated
resource, if all data collected via those references share the
same data controller as the designated resource.
</p>
<p>
- A user agent might use the <code><a>same-party</a></code> array,
+ A user agent might use the <code>same-party</code> array,
when provided, to inform or enable different behavior for
references that are claimed to be same-party versus those for
which no claim is made. For example, a user agent might choose to
@@ -1170,9 +1192,13 @@
for 1st party use" are malicious unless this URL is listed in the
"same-party" attribute
</p>
+ </section>
+
+ <section id='rep.audit'>
+ <h4>Audit Property</h4>
<p>
An origin server MAY send a member named
- <code><a>audit</a></code> with an array value containing a list of
+ <code>audit</code> with an array value containing a list of
URI references to external audits of the designated resource's
privacy policy and tracking behavior.
Preferably, the audit references are to resources that describe
@@ -1184,15 +1210,19 @@
<dfn>audit</dfn> = %x22 "audit" %x22
<dfn>audit-v</dfn> = array-of-refs
</pre>
+ </section>
+
+ <section id='rep.policy'>
+ <h4>Policy Property</h4>
<p>
An origin server MAY send a member named
- <code><a>policy</a></code> with a string value containing a
+ <code>policy</code> with a string value containing a
URI reference to a human-readable document that describes the
relevant privacy policy for the designated resource.
The content of such a policy document is beyond the
scope of this protocol and only supplemental to what is described
in the machine-readable tracking status representation.
- If no <code><a>policy</a></code> member is provided, this
+ If no <code>policy</code> member is provided, this
information might be obtained via the links provided in
<code><a>controller</a></code>.
</p>
@@ -1200,15 +1230,19 @@
<dfn>policy</dfn> = %x22 "policy" %x22
<dfn>policy-v</dfn> = string ; URI-reference
</pre>
+ </section>
+
+ <section id='rep.edit'>
+ <h4>Edit Property</h4>
<p>
An origin server MAY send a member named
- <code><a>edit</a></code> with a string value containing a
+ <code>edit</code> with a string value containing a
URI reference to a resource for giving the user control over
personal data collected via the designated resource (and possibly
other resources).
If the tracking status value indicates prior consent
(<code><a>C</a></code>), the origin server MUST send an
- <code><a>edit</a></code> member referencing a resource that
+ <code>edit</code> member referencing a resource that
describes how such consent is established and how to revoke that
consent.
</p>
@@ -1223,7 +1257,7 @@
beyond the scope of this protocol.
</p>
</p>
- If no <code><a>edit</a></code> member is provided, this
+ If no <code>edit</code> member is provided, this
information might be obtained via the links provided in
<code><a>controller</a></code> or <code><a>policy</a></code>.
</p>
@@ -1231,8 +1265,12 @@
<dfn>edit</dfn> = %x22 "edit" %x22
<dfn>edit-v</dfn> = string ; URI-reference
</pre>
+ </section>
+
+ <section id='rep.extension'>
+ <h4>Extensions</h4>
<p>
- An origin server MAY send additional <code><a>extension</a></code>
+ An origin server MAY send additional extension
members in the <code><a>status-object</a></code> to support future
enhancements to this protocol. A recipient MUST ignore
extension members that it does not recognize.
@@ -1255,8 +1293,8 @@
<dfn>false</dfn> = <false, as defined in [[!RFC4627]]>
<dfn>null</dfn> = <null, as defined in [[!RFC4627]]>
</pre>
-
</section>
+ </section>
<section id='response-error'>
<h3>Status Code for Tracking Required</h3>
@@ -1325,7 +1363,7 @@
</p>
<p>
The <code><a>status-object</a></code> is supposed to have a member
- named <code><a>tracking</a></code> containing the tracking status
+ named <code>tracking</code> containing the tracking status
value. The meaning of each tracking status value is defined in
<a href="#tracking-status-value" class="sectionRef"></a>.
</p>
Received on Wednesday, 15 January 2014 01:40:48 UTC