- From: David Singer via cvs-syncmail <cvsmail@w3.org>
- Date: Tue, 17 Apr 2012 03:54:07 +0000
- To: public-tracking-commit@w3.org
Update of /w3ccvs/WWW/2011/tracking-protection/drafts
In directory hutz:/tmp/cvs-serv7814
Modified Files:
tracking-dnt.html
Log Message:
inserted: 59, 83 (replaced un-numbered npdoty issue), 129, 130, 136, 137, 140
already correct: 84, 47
changed 61, 107, 120, 124 to Open, but they were pending review. Is this right?
removed as closed: 117, 125, 108 (left note), 118, 115, 109, 114
Removed from the intro:
<p>
We have not yet reviewed comments from the Community Group associated
with this work. We thank them for their time and detailed feedback,
and will address their comments in the near future.
</p>
if it's still true, it should be an Issue.
Index: tracking-dnt.html
===================================================================
RCS file: /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-dnt.html,v
retrieving revision 1.109
retrieving revision 1.110
diff -u -d -r1.109 -r1.110
--- tracking-dnt.html 6 Apr 2012 23:40:07 -0000 1.109
+++ tracking-dnt.html 17 Apr 2012 03:54:04 -0000 1.110
@@ -67,11 +67,8 @@
<a href="http://www.w3.org/2011/tracking-protection/track/issues/postponed">postponed</a>
issues regarding this document.
</p>
- <p>
- We have not yet reviewed comments from the Community Group associated
- with this work. We thank them for their time and detailed feedback,
- and will address their comments in the near future.
- </p>
+ <p class="issue"><a href="http://www.w3.org/2011/tracking-protection/track/issues/136">ISSUE-136</a>: Resolve dependencies of the TPE on the compliance specification.
+ </p>
</section>
<section>
@@ -151,14 +148,7 @@
applicability, and the requirements on compliant first-party and
third-party participants when an indication of tracking preference
is received.
- </p>
- <p class='issue'><a href="http://www.w3.org/2011/tracking-protection/track/issues/117">ISSUE-117</a>: Terms: tracking v. cross-site tracking<br />
- The WG has not come to consensus regarding the definition of tracking
- and whether the scope of DNT includes all forms of user-identifying
- data collection or just cross-site data collection/use. This issue
- will be resolved in the TCS document, though its resolution is a
- necessary prerequisite to understanding and correctly implementing
- the protocol defined by this document.</p>
+ </p>
</section>
<section id='notational'>
@@ -288,6 +278,7 @@
adjust their behavior when no explicit preference is expressed via
this protocol.
</p>
+ <p class='issue'><a href="http://www.w3.org/2011/tracking-protection/track/issues/59">ISSUE-59</a>: Should the first party be informed about whether the user has sent a DNT header to third parties on their site?</p>
<p class='issue'><a href="http://www.w3.org/2011/tracking-protection/track/issues/111">ISSUE-111</a>: Different DNT value to signify existence of site-specific exception (also linked to <a href="#dnt-header-field">4.1</a> and <a href="#exceptions">6</a> below</a>)</p>
</section>
@@ -416,7 +407,6 @@
text to resolve this issue.
</p>
<p class="issue"><a href="http://www.w3.org/2011/tracking-protection/track/issues/116">ISSUE-116</a>: How can we build a JS DOM property which doesn't allow inline JS to receive mixed signals?</p>
- <p class="issue"><a href="http://www.w3.org/2011/tracking-protection/track/issues/125">ISSUE-125</a>: Way to test if a given user agent supports DNT</p>
</section>
<section id='plug-ins'>
@@ -454,11 +444,12 @@
if other protocols are used. For example, re-directing to another
protocol in order to avoid receipt of the header is not compliant.
</p>
- <p class='issue'><a href="http://www.w3.org/2011/tracking-protection/track/issues/108">ISSUE-108</a>: Should/could the tracking preference expression be extended to other protocols beyond HTTP?<br />
- <b>[PENDING REVIEW]</b> Text in this section; but the last paragraph
- may be more appropriate in the compliance document, as it discusses
- compliance.
- </p>
+ <div class='note'>
+ <p>The last paragraph
+ may be more appropriate in the compliance document, as it discusses
+ compliance.
+ </p>
+ </div>
</section>
</section>
@@ -754,11 +745,11 @@
link to a human-readable policy.
</p>
<p class='issue'><a href="http://www.w3.org/2011/tracking-protection/track/issues/61">ISSUE-61</a>: A site could publish a list of the other domains that are associated with them<br />
- <b>[PENDING REVIEW]</b> The same-site and partners members provide
+ <b>[OPEN]</b> The same-site and partners members provide
a means to list first-party and third-party domains, respectively.
</p>
<p class='issue'><a href="http://www.w3.org/2011/tracking-protection/track/issues/124">ISSUE-124</a>: Alternative DNT implementations that replace HTTP headers with something else<br />
- <b>[PENDING REVIEW]</b> The tracking status resource minimizes
+ <b>[OPEN]</b> The tracking status resource minimizes
bandwidth usage because only a small proportion of user agents
are expected to perform active verification, status would only be
requested once per site per day, and the response can be
@@ -1024,11 +1015,13 @@
look for response header fields.
</p>
<p class='issue'><a href="http://www.w3.org/2011/tracking-protection/track/issues/107">ISSUE-107</a>: Exact format of the response header?<br />
- <b>[PENDING REVIEW]</b> See the proposal in this section.
+ <b>[OPEN]</b> See the proposal in this section.
</p>
<p class='issue'><a href="http://www.w3.org/2011/tracking-protection/track/issues/120">ISSUE-120</a>: Should the response header be mandatory (MUST) or recommended (SHOULD)</br>
- <b>[PENDING REVIEW]</b> Text in above paragraphs.
+ <b>[OPEN]</b> Text in above paragraphs.
+ </p>
+ <p class='issue'><a href="http://www.w3.org/2011/tracking-protection/track/issues/137">ISSUE-137</a>: Does hybrid tracking status need to distinguish between first party (1) and outsourcing service provider acting as a first party (s)?
</p>
</section>
@@ -1193,10 +1186,6 @@
<section id='exceptions'>
<h2>Site-specific Exceptions</h2>
- <p class='issue'><a href="http://www.w3.org/2011/tracking-protection/track/issues/118">ISSUE-118</a>: Should requesting a user-agent-managed site-specific exception be asynchronous?<br />
- <b>[PENDING REVIEW]</b> As proposed below.
- </p>
- <p class="issue"><a href="http://www.w3.org/2011/tracking-protection/track/issues/115">ISSUE-115</a>: Should sites be able to manage site-specific tracking exceptions outside of the user-agent-managed system?</p>
<p class="issue"><a href="http://www.w3.org/2011/tracking-protection/track/issues/111">ISSUE-111</a>: Different DNT values to signify existence of site-specific exception</p>
<section id="exceptions-overview" class="informative">
<h2>Overview</h2>
@@ -1420,9 +1409,6 @@
function will be called immediately.
</p>
- <p class="issue"><a href="http://www.w3.org/2011/tracking-protection/track/issues/109">ISSUE-109</a>: siteSpecificTrackingExceptions property has fingerprinting risks: is it necessary?<br />
- <b>[PENDING REVIEW]</b> It has been removed from the proposal.
- </p>
</section>
<section class="informative">
@@ -1498,7 +1484,14 @@
trust without visiting that site.
</p>
- <p class="issue">ISSUE: Should there be a normative requirement for the existence of a revocation mechanism? (raised by npdoty)</p>
+ <p class="issue"><a href="http://www.w3.org/2011/tracking-protection/track/issues/83">ISSUE-83</a>: How do you opt out if already opted in?
+ </p>
+ <p class="issue"><a href="http://www.w3.org/2011/tracking-protection/track/issues/129">ISSUE-129</a>: Should a blanket exception of the type ("*" at "firstparty") be possible?
+ </p>
+ <p class="issue"><a href="http://www.w3.org/2011/tracking-protection/track/issues/130">ISSUE-130</a>: Should a global exception for a given third party on all sites be supported?
+ </p>
+ <p class="issue"><a href="http://www.w3.org/2011/tracking-protection/track/issues/140">ISSUE-140</a>: Do we need site-specific exceptions, i.e., concrete list of permitted thirdparties for a site?
+ </p>
</section>
<section id="exceptions-when-not-enabled">
@@ -1560,9 +1553,6 @@
stored site-specific exceptions when the user chooses to clear
cookies or other client-side state.
</p>
- <p class="issue"><a href="http://www.w3.org/2011/tracking-protection/track/issues/114">ISSUE-114</a>: Guidance or mitigation of fingerprinting risk for user-agent-managed site-specific tracking exceptions<br>
- <b>PENDING REVIEW</b> Above text provides guidance for user agent
- developers.</p>
</section>
</section>
Received on Tuesday, 17 April 2012 03:54:11 UTC