
[whatwg] Web Storage: apparent contradiction in spec

From: Peter Kasting <pkasting@google.com>
Date: Thu, 3 Sep 2009 17:43:01 -0700
Message-ID: <d62cf1d10909031743u2bffb494i3962e95a576a0325@mail.gmail.com>
On Thu, Sep 3, 2009 at 5:17 PM, Ian Hickson <ian at hixie.ch> wrote:

> On Thu, 3 Sep 2009, Peter Kasting wrote:
> > On Thu, Sep 3, 2009 at 4:26 PM, Ian Hickson <ian at hixie.ch> wrote:
> > > There's more wording in a later section on cookie resurrection which gives
> > > more background. Does that satisfy your request?
> >
> > I think that later section actually muddies the waters.
> >
> > Something like this would be more clear: "If users attempt to protect
> > their privacy by clearing cookies without also clearing persistent
> > storage data, sites can defeat those attempts by using the two features
> > as redundant backup for each other.  User agents should present the
> > interfaces for clearing these in a way that helps users to understand
> > this possibility and enables them to delete data in both
> > simultaneously."
> >
> > IMO this achieves what you're trying for while leaving the actual UI
> > design as open as possible.
>
> Do you mean this as a replacement or in addition to what's in the spec
> now?


Replacement.


> For the Cookie Resurrection section or the User Tracking section?


Cookie resurrection section.  Although because the comments in both sections
are so similar, I'm not sure I see value in having two sections.  Just
having one, which has this text, seems fine.


> I don't understand the difference between what you suggest and what the spec
> says. What is wrong with what the spec says, that is fixed by the above?


The key objectionable phrase in the cookie resurrection section is "presents
data in the persistent storage features ... separately from data in HTTP
session cookies".  This can be construed to mean that the UA should not
_ever_ separate presentation of the stored data in the two features (lest it
risk user hazard), when in practice a UA may want UI with some amount of
presentation separation (e.g. side-by-side buttons that call up separate
dialogs for the data stored in each feature) while still trying to make it
clear and easy for users to manage their privacy.  I don't believe the spec
intends to imply this level of detail about UAs' UI, so I am trying to
remove any potential for ambiguity.  IMO my suggested text cannot be
construed as mandating fine details of the presentation of the data.

FWIW, the text in the User Tracking section that says "associates them
strongly" is perhaps also still going too far, for similar reasons.  It's
not clear precisely what this means, and for some use cases (e.g. gmail
storing document drafts for offline editing)  the use of persistent storage
is not equivalent to an HTTP session cookie; if a UA has some sort of
detailed knowledge of the distinctions here, it should be allowed to present
data in whatever way is most clear and helpful to the user.  The text
currently in the spec, while much better than before, still goes beyond
noting a risk to users that UAs should highlight, and ventures into the
realm of prescribing specific solutions for that risk, which may not always
be appropriate.

PK
Received on Thursday, 3 September 2009 17:43:01 UTC
