Re: Super Cookies in Privacy Browsing mode

09.01.2015, 03:23, "David Singer" <>:
>>  On Jan 8, 2015, at 16:16 , wrote:
>>  09.01.2015, 01:52, "Christine Runnegar" <>:

>> is the editors' draft.

> but this draft, and what I described, are almost completely different.  We may need different names.
> This draft attempts to achieve privacy by limiting information flow, while not explicitly saying to the servers what it is trying to do.
> My suggestion is almost precisely the opposite: ask the server politely to do something for the user, that actually barely impacts its business.

My instinct is that we should aim for a consensus on what browsers do when trying to support privacy, and that we would be better to get one spec together. Although that may prove a pipe dream.

I note that there are at least two distinct aspects to private browsing - one in which the point is to provide privacy "within the browser" - i.e. so it doesn't later expose to a casual observer what you were doing - and the other is to maintain privacy from casual observers in the network or at the sites visited.

These things are already mixed. Making a search in Yandex browser will provide you with suggestions that can include things that you have looked at before in the browser, things that Yandex remembers you were interested in earlier, and so on. Hence my preference to try and cover the spectrum in a single document.


>>>  Mark Nottingham gave an overview of the TAG’s work on browsers “private browsing mode”. The work looks at the mode for three use cases: other users, network attacker, the website itself. The aim is to provide “best class” protection in private browsing mode while not lowering privacy standards outside privacy browsing mode.
>>>  The work can be followed on the tag email list [2]. Mark hopes to have a draft ready by the January TAG face-to-face meeting."
>>>  [2]"
>>>  Christine
>>>  On 8 Jan 2015, at 11:39 pm, David Singer <> wrote:
>>>>   I think we might need a consensus definition of what private browsing mode is, and how it affects servers.  We had some offline conversation about it at the workshop.
>>>>   For example, for some people ‘private browsing’ starts a sandbox that is initialized from the regular browsing context (cookies and all), but that is discarded at the end of the private browsing session.  There’s no need for supercookies to correlate the regular browsing into private browsing, as the cookies are there.  Correlating the other way will simply raise the ire of users if you are not careful, as it would persist state and hence ‘leak’ from the private session back into the general one.
>>>>   I have some ideas around codifying ‘private browsing mode’ and how to communicate ‘heh, I am trying to be private here!’ to servers.  Is this a topic of interest to others?
>>>>>   On Jan 8, 2015, at 12:13 , Rigo Wenning <> wrote:
>>>>>   Happy New Year!
>>>>>   Interesting article about how HTTP Strict Transport Security can be used to
>>>>>   circumvent the protections in the private browsing mode. But it seems to be
>>>>>   fixed in firefox >34. I don't know about the other browsers.
>>>>>   --Rigo
>>>>   David Singer
>>>>   Manager, Software Standards, Apple Inc.
>>  --
>>  Charles McCathie Nevile - web standards - CTO Office, Yandex
>> - - - Find more at
> David Singer
> Manager, Software Standards, Apple Inc.

Charles McCathie Nevile - web standards - CTO Office, Yandex - - - Find more at

Received on Friday, 9 January 2015 12:02:27 UTC