W3C home > Mailing lists > Public > public-tracking@w3.org > October 2012

RE: tracking-ISSUE-183 (Tk E ): Additional Tk header status value for EU [Tracking Preference Expression (DNT)]

From: Fred Andrews <fredandw@live.com>
Date: Tue, 23 Oct 2012 01:53:02 +0000
Message-ID: <BLU002-W59034EAFA5728FF945C126AA790@phx.gbl>
To: Nicholas Doty <npdoty@w3.org>, Tracking Protection Working Group <public-tracking@w3.org>
CC: Mike O'Neill <michael.oneill@baycloud.com>
There is probably a similar issue in the wording of the '1' tracking status
response value, and could I suggest the wording be changed to:

"First party: The designated resource conforms to the requirements on
a first party or may change from conforming to the requirements on a
third party to conforming to the requirements on a first party.  If the
designated resource is used in a third party context then it agrees
only to conform to the requirements of a first party."

cheers
Fred

> From: npdoty@w3.org
> Date: Mon, 22 Oct 2012 17:15:52 -0700
> CC: michael.oneill@baycloud.com
> To: public-tracking@w3.org
> Subject: Re: tracking-ISSUE-183 (Tk E ): Additional Tk header status value for EU [Tracking Preference Expression (DNT)]
> 
> This topic has also come up in reviewing the questions David Singer set out on the needs for the server response. My understanding of the current draft text is that the "3" value is intended to cover resources that are used in a first- or third-party context but comply with the defined requirements for third-parties. Whether in the EU or US, many of us expect that there will be many resources served in a first-party context that comply with third-party requirements.
> 
> Do we as a group think it's important for a resource to indicate separately that it's being served in a first-party context even though it's complying with the stricter third-party requirements? Would users/user agents do anything different in that situation?
> 
> If not (and I don't personally know of an advantage there), then I think the existing tracking status values will suffice.
> 
> —Nick
> 
> On Oct 21, 2012, at 4:28 PM, Tracking Protection Working Group Issue Tracker <sysbot+tracker@w3.org> wrote:
> 
> > tracking-ISSUE-183 (Tk E ): Additional Tk header status value for EU [Tracking Preference Expression (DNT)]
> > 
> > http://www.w3.org/2011/tracking-protection/track/issues/183
> > 
> > Raised by: Mike O'Neill
> > On product: Tracking Preference Expression (DNT)
> > 
> > In Europe and other jurisdictions the requirement will probably be that resource handlers accessed in a first-party context conform as a third-party. 
> > 
> > In these cases resource handlers could place a Tk header in the response with a status of 3 “The designated resource is designed for use within a third-party context and conforms to the requirements on a third party”, but the value and the text are confusing in this situation. Even though the overwhelming majority of these resource handlers will have been designed for use in a first-party context the Tk  response they emit portrays them as third-party.
> > 
> > This could cause confusion for implementers, leading to a loss of interoperability.
> > 
> > It might be better to insert a new single character status value ( in paragraph 5.2) for this situation for instance:
> > 
> > E     The designated resource may be designed for use in a first-party context but conforms to the requirements on a third party.
> > 
> > This is functionally similar to the 3 response but be more appropriate for the majority case in these jurisdictions.
> 
 		 	   		  
Received on Tuesday, 23 October 2012 01:53:29 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 June 2013 10:11:36 UTC