- From: David Singer <singer@apple.com>
- Date: Tue, 03 Mar 2015 14:46:03 -0800
- To: ifette@google.com
- Cc: Joseph Lorenzo Hall <joe@cdt.org>, "public-privacy (W3C mailing list)" <public-privacy@w3.org>
> On Mar 3, 2015, at 14:40 , Ian Fette (イアンフェッティ) <ifette@google.com> wrote: > > The problems with scoped identifiers are (at least): > a) defining what they are scoped by. ‘The user you think it is from some other information, if any’ is not very good standards-writing. > > Well, it could be origin-scoped :) > > b) if it’s scoped by the machine, you can’t carry on searching for your SO’s birthday present from your phone (on the go) to your laptop (at home) > > What else would it be scoped by? If you have a named profile for the user that's not transient, why do you need any of this? Named profiles in Chrome (and other browsers AFAIK) keep separate cookie jars, and I'm not really sure what this buys us over separate cookie jars. Asking e.g. ads servers to keep data separate (even when it's coming from the same IP and fingerprintable data) based on a different "persona" seems like a bit of a DNT-sized task :) Asking other sites to build new infrastructure based on personas seems a lot more complicated than saying "we'll keep the cookies separate for different personas" and letting people carry on. If you keep the cookies separate, then either I can’t buy my wife’s birthday present using my account, or I can, and the illusion of separation evaporates. The deal is no longer "you know it’s me but you agree to keep records segregated” but “I am going to try to pretend to be somebody else, but if you work out it’s me or I reveal it, the separation evaporates”. David Singer Manager, Software Standards, Apple Inc.
Received on Tuesday, 3 March 2015 22:46:33 UTC