- From: Roy T. Fielding <fielding@gbiv.com>
- Date: Wed, 25 Apr 2012 09:17:48 -0700
- To: Tracking Protection Working Group WG <public-tracking@w3.org>
I thought JC already sent these notes to the list, but it seems to have been offlist instead. Here are JC's notes as text with [my notes]. ===== 1. If the header response values 1 and S are the same why have both? Discussion is about how to treat a service provider. Should an obligation be placed on the first party for SP compliance? It was decided to leave the S designation [for WG review] 2. A tracking status resource would contain human readable text that will be stored in a well-known location with a possible hierarchy for different values. It may point to other pages or content. 3. A response header can be sent to indicate that tracking is occurring or not or to indicated that the tracking status resource has changed. This is indicated with an “update-needed” flag. This would only happen during a session. E.G. the user provides opt-in consent at the site during the session. 4. How should a resource like Google-maps be treated? The Bing search box could have the same issue. The suggestion is to provide a different URI based on whether a resource is used in a first or third-party context. 5. Each resource being loaded by a page should have a different URI and can be viewed as a third-part resource. Interactions with the resources should also access a separate resource that can be viewed as a first party. 6. The proposal seems unworkable for some complex scenarios. Heather will [take action item to produce] an alternate proposal. ===== ....Roy
Received on Wednesday, 25 April 2012 16:18:20 UTC