W3C home > Mailing lists > Public > public-tracking@w3.org > September 2013

re: issue-151

From: Mike O'Neill <michael.oneill@baycloud.com>
Date: Mon, 2 Sep 2013 09:58:00 +0100
To: <public-tracking@w3.org>
Cc: "'Chris Mejia'" <chris.mejia@iab.net>, "Rigo Wenning" <rigo@w3.org>
Message-ID: <00a101cea7ba$87177460$95465d20$@baycloud.com>
Other W3C groups are working on cross-platform standards for web apps. Web
apps need access to device interfaces for such things as telephony,
geo-location and contact lists so "certified" apps are being defined which
those that would have access to such "sensitive" APIs. A certified app is
cryptographically signed by an organisation such as an app webstore to prove
it has been vetted.

 

I wonder if we could leverage this approach to help solve the "valid DNT
signal" problem. If the DNT signal (general pref. as well as the
site-specific exception) could be managed by an API that was only available
to certified applications, and we could agree the parameters to decide what
institutions could make vetting decisions, maybe that would help us reach
consensus. These certified apps could be hosted or packaged, and could
reside in UAs (built-in). As it stands only packaged apps are certifiable
right now but hosted apps could have this facility also (signing the
manifest?) , and so why not simple web sites.

 

Mike

 

 

 

 

 

 
Received on Monday, 2 September 2013 08:58:34 UTC

This archive was generated by hypermail 2.3.1 : Friday, 3 November 2017 21:45:18 UTC