- From: Joseph Lorenzo Hall <joe@cdt.org>
- Date: Wed, 2 Nov 2016 17:40:36 -0400
- To: David Singer <singer@apple.com>
- Cc: "public-privacy (W3C mailing list)" <public-privacy@w3.org>
I, along with all of you save David, neglected to start an on-list discussion of these questions. I'm happy to add some thoughts, but I'm wondering if there are other questions people would add to this list? And how might PING be most productive given the very limited time of all of us in terms of advocating for more consistent/standard elements of PBM? On Wed, Sep 21, 2016 at 1:00 PM, David Singer <singer@apple.com> wrote: > Hi > > at the face-to-face in Lisbon we talked about exploring ‘incognito’ or > private-browsing mode, its problems, misperceptions, and what might be the > possibilities for standardization, and to end up with a discussion paper. I > promised to kick off the discussion. This is the kick-off, so discuss away; > add what I missed, disagree with me, and so on! > > Mark Nottingham has a write-up of PBM at > https://gist.github.com/mnot/96440a5ca74fcf328d23. There is also a wealth > of research on what users think. > > > 1) Non-uniformity of approach. The various browsers use different names for > this, and more importantly, they differ slightly in what’s done. > > 1.1) While this enables differentiation, to what extent does this lead to > user confusion? > > 2) Many users believe that this mode provides enhanced protection from > network snooping, or from server recording and tracking. Actually, servers > are unaware, and most or all browsers don’t insist on HTTPS — and even if > they did, the network can obviously see what sites are being visited (as > they have to help deliver the packets). We probably don’t want to move to > full-on TOR. > > 2.1) To what extent could or should we enable servers to know “heh, I am > trying to be private here!”? Note that we’ve informally discussed this > before (e.g. at last year’s TPAC). What are the positive use-cases and what > are the major concerns with this? > > 2.2) If we were to recommend some uniformity of behavior (see 1.1), should > that include recommending https-only? > > 2.3) Sometimes in this mode the browser tries to reduce its fingerprint > surface. Should this be part of the recommendation? > > 2.4) Should we recommend deeper-level fingerprint protection e.g. changing > the IP address, if possible? > > 3) Some sites know that they might be sensitive; orthogonally to the > possible user->server signal, should a server be able to suggest “you > probably want to be in the incog mode when browsing here”? Would it help at > all if one had to visit the site anyway, to learn this? > > 4) This mode mixes several concepts; should we disentangle them? > > > > > David Singer > Manager, Software Standards, Apple Inc. > -- Joseph Lorenzo Hall Chief Technologist, Center for Democracy & Technology [https://www.cdt.org] 1401 K ST NW STE 200, Washington DC 20005-3497 e: joe@cdt.org, p: 202.407.8825, pgp: https://josephhall.org/gpg-key Fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871 Tech Prom, CDT's Annual Dinner, is April 20, 2017! https://cdt.org/annual-dinner
Received on Wednesday, 2 November 2016 21:41:29 UTC