- From: イアンフェッティ <ifette@google.com>
- Date: Tue, 3 Mar 2015 15:20:15 -0800
- To: David Singer <singer@apple.com>
- Cc: Joseph Lorenzo Hall <joe@cdt.org>, "public-privacy (W3C mailing list)" <public-privacy@w3.org>
- Message-ID: <CAF4kx8dAYLwNX5GesxjUUDp+bhDEtt7y4G=juDqQSQbmLFFyJw@mail.gmail.com>
What you're asking for is quite a bit in that case. Netflix has a notion of "personas" when I sign in. It asks me "Is this Ian watching or someone else". So, in theory it ought to be able to hook up to such a mechanism as you describe. But you're asking every other site to build in something like that -- the household Amazon Prime account becomes "John's purchases" and "Jane's purchases". Or the kid-at-college's purchases. That's a rather large ask for a lot of sites... 2015-03-03 14:46 GMT-08:00 David Singer <singer@apple.com>: > > > On Mar 3, 2015, at 14:40 , Ian Fette (イアンフェッティ) <ifette@google.com> > wrote: > > > > The problems with scoped identifiers are (at least): > > a) defining what they are scoped by. ‘The user you think it is from > some other information, if any’ is not very good standards-writing. > > > > Well, it could be origin-scoped :) > > > > b) if it’s scoped by the machine, you can’t carry on searching for your > SO’s birthday present from your phone (on the go) to your laptop (at home) > > > > What else would it be scoped by? If you have a named profile for the > user that's not transient, why do you need any of this? Named profiles in > Chrome (and other browsers AFAIK) keep separate cookie jars, and I'm not > really sure what this buys us over separate cookie jars. Asking e.g. ads > servers to keep data separate (even when it's coming from the same IP and > fingerprintable data) based on a different "persona" seems like a bit of a > DNT-sized task :) Asking other sites to build new infrastructure based on > personas seems a lot more complicated than saying "we'll keep the cookies > separate for different personas" and letting people carry on. > > If you keep the cookies separate, then either I can’t buy my wife’s > birthday present using my account, or I can, and the illusion of separation > evaporates. The deal is no longer "you know it’s me but you agree to keep > records segregated” but “I am going to try to pretend to be somebody else, > but if you work out it’s me or I reveal it, the separation evaporates”. > > > David Singer > Manager, Software Standards, Apple Inc. > >
Received on Tuesday, 3 March 2015 23:20:42 UTC