W3C home > Mailing lists > Public > public-tracking@w3.org > June 2012

Re: Identity providers as first parties

From: Rigo Wenning <rigo@w3.org>
Date: Fri, 15 Jun 2012 10:28:09 +0200
To: public-tracking@w3.org
Cc: Shane Wiley <wileys@yahoo-inc.com>, "rob@blaeu.com" <rob@blaeu.com>, Kimon Zorbas <vp@iabeurope.eu>, "ifette@google.com" <ifette@google.com>, Tamir Israel <tisrael@cippic.ca>, "JC Cannon (Microsoft)" <jccannon@microsoft.com>
Message-ID: <8322884.KdpyoziqCk@hegel.sophia.w3.org>
Shane, Kimon, 

On Thursday 14 June 2012 16:47:03 Shane Wiley wrote:
> I’ve used a few others and they appears to do the same so I’m
> confused as to what real-world identity provider scenario someone
> is considering where consent wasn’t already obtained?

I confirm that we agreed that the out-of-band agreement will trump 
the DNT:1 signal. We also agreed that the service has to signal this 
to the client. 

I guess, what Rob is trying to achieve is to say, even in this 
context, a service could offer the choice of stopping to track and 
only use information for the login/authentication purpose. This 
could be the meaning of DNT:1 if the Service sends ACK in a 
login/authentication context. If you're looking for medical 
information in a login context, you don't want your login provider 
to spawn that to your insurance. I think this is a very legitimate 
use case. The service could say: "yes, I see your point" and send 
ACK instead of "out-of-band". 

We are just defining switches. People will decide whether they 
switch stuff on or off or provide a switch at all.

Received on Friday, 15 June 2012 08:28:45 UTC

This archive was generated by hypermail 2.3.1 : Friday, 3 November 2017 21:44:51 UTC