W3C home > Mailing lists > Public > public-tracking@w3.org > March 2012

Re: set of exceptions

From: Nicholas Doty <npdoty@w3.org>
Date: Tue, 6 Mar 2012 16:43:07 -0800
Cc: Matthias Schunter <mts@zurich.ibm.com>, Andy Zeigler <andyzei@microsoft.com>, "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org>
Message-Id: <8CA9E8B2-6872-4F75-86D1-BDEBAE714277@w3.org>
To: Shane Wiley <wileys@yahoo-inc.com>
We had ISSUE-109 to track the specific question about the existence of a JavaScript-accessible list property. We had a proposal to remove that particular property (I believe user agent developers agreed that the functionality could be achieved using the request() method and that the fingerprinting risk of the list was large) which was included in the recent updated JS proposal from Tom, Andy and me.

I believe Matthias has folded this into ISSUE-111. Whichever issue it's tracked in, Shane, do you want to provide alternate text as an option in the draft? (Maybe you just want the list property text exactly as it was before, or maybe you have comments on using the request() method or maybe something else entirely.)


On Mar 6, 2012, at 6:59 AM, Shane Wiley wrote:

> Matthias,
> I don't believe the following issue is closed (or if it is, I'll propose we reopen the issue as Server-Side interrogation of site-specific exceptions will be an important option -- bad actors can find numerous other ways to digitally fingerprint a user's system and I believe we've agreed to not cripple the DNT standard in attempts to manage bad actors).
> "- we decided not to provide an API for retrieving the set
>  of exceptions for a server due to the resulting finger
>  printing risks"
> - Shane
Received on Wednesday, 7 March 2012 00:43:20 UTC

This archive was generated by hypermail 2.3.1 : Friday, 3 November 2017 21:44:46 UTC