On Monday, August 27, 2018 11:19:06 AM CEST Mike West wrote: > I believe Rigo's proposal in > https://github.com/mikewest/http-state-tokens/pull/2 is to bind > multiple purposes to a single identifier. I think we'd be better > served if the user agent minted distinct identifiers for a (very) > small number of purposes whose intentions are publicly described. > Either way, there's room for healthy debate on the topic. My suggestion was actually the contrary: To bind identifiers to a certain class of purposes (one purpose). The problem with purposes is that there is an infinite number of them. But we also have purposes that are relatively common. I want to cover those first. Even though this sounds like multiple purposes I want to clarify here that this could also mean one identifier per purpose (or class thereof). Because IF we have a purpose stated in a specification or description, using that identifier for a different purpose (e.g. cross-site tracking) is then triggering the potential for legal actions in most countries except in the US. --Rigo
Received on Monday, 27 August 2018 09:38:17 UTC