Re: PING [call for consensus] - publish fingerprinting guidance as a Working Draft Interest Group Note

Hi

2015-10-19 15:35 GMT+01:00 Nat Sakimura <sakimura@gmail.com>:

> I am fine with publishing it.
>

If it allows further work, then this is a good idea.


>
> Re: first NOTE in the document, i.e., identification and correlation,
> generally speaking, I have an impression that identification is an
> inter-temporal correlation within a site, and "correlation" is the case
> where cross-site/domain correlation is possible in addition. At least,
> that's how I explain the pseudonymity and verinymity.
>


I think it's just a matter of wording. Actually it could be simplified by
replacing:
"an online party can correlate multiple visits"
with
"an online party can link separate visits".

Makes the matter clearer in my opinion.

Additionally,

"Browser fingerprinting provides privacy concerns even" I would replace
"provides" with "brings" - again, just a matter of wording, although in the
previous case it makes it much more clearer IMO.


Additionally it might be extended a bit, for example why not including a
discussion of other sources of identifiers, that can possibly change with
time (even in short intervals).

For some reason I also have an odd feeling sometimes "fingerprint(ing)"
could be replaced with identification/identifiers.

For example: "cookie-like fingerprinting". When we speak about setting and
reading - is it still  fingerprinting? But if it is, then it is definitely
active (because: setting"), so why not in this case merge it with 3.2.

Please pardon me for my academic blurb ;)

Best
Lukasz

Received on Monday, 19 October 2015 20:38:06 UTC