CVS WWW/2011/tracking-protection/drafts

• From: CVS User rfieldin <cvsmail@w3.org>
• Date: Sun, 08 Dec 2013 06:52:26 +0000
• To: public-tracking-commit@w3.org
• Message-Id: <E1VpYE6-0008LG-EG@gil.w3.org>

Update of /w3ccvs/WWW/2011/tracking-protection/drafts
In directory gil:/tmp/cvs-serv32066

Modified Files:
	tracking-dnt.html 
Log Message:
add issue markers and editorial note

--- /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-dnt.html	2013/12/06 00:24:23	1.227
+++ /w3ccvs/WWW/2011/tracking-protection/drafts/tracking-dnt.html	2013/12/08 06:52:26	1.228
@@ -204,6 +204,17 @@
           The term <dfn>user-granted exception</dfn> is used when the user has
           permitted tracking by a given third party.
         </p>
+        <p class="issue" data-number="5" title="What is the definition of tracking?">
+           [OPEN] Definition of tracking awaiting WG decision following call for objections.
+        </p>
+        <p class="issue" data-number="10" title="What is a first party?">
+           [OPEN] Definitions for party, first party, and third party are
+           awaiting WG decision following call for objections.
+        </p>
+        <p class="issue" data-number="16" title="What does it mean to collect, retain, use and share data?">
+           [OPEN] Definitions for collect, retain, use, and share are
+           awaiting WG decision following call for objections.
+        </p>
       </section>
     </section>
 
@@ -428,8 +439,7 @@
         </p>
         
         <p class="issue" data-number="176" title="Requirements on intermediaries/isps and header insertion that might affect tracking">[OPEN]</p>
-
-		<p class="issue" data-number="153" title="What are the implications on software that changes requests but does not necessarily initiate them?">[PENDING REVIEW]</p>
+        <p class="issue" data-number="153" title="What are the implications on software that changes requests but does not necessarily initiate them?">[PENDING REVIEW]</p>
       </section>
 
       <section id='js-dom'>
@@ -551,6 +561,13 @@
        / %x55   ; "U" - updated
           </pre>
 
+          <p class="note">
+            [Editorial: The previous values of "1" and "3" to indicate the designated
+            resource complies with first or third party requirements,
+            respectively, have been removed because they are dependent on a
+            specific compliance regime. They can still be communicated via the
+            qualifiers.]
+          </p>
           <p class="issue" data-number="137" title="Does hybrid tracking status need to distinguish between first party (1) and outsourcing service provider acting as a first party (s)">
             <b>[PENDING REVIEW]</b> No, in practice there may be dozens of
             service providers on any given request. If the designated resource
@@ -979,6 +996,9 @@
 <dfn>compliance-v</dfn>  = array-of-refs
           </pre>
         </div>
+          <p class="issue" data-number="239" title="Should tracking status representation include an array of links for claiming compliance by reference?">
+            [RAISED] Text above is proposed resolution.
+          </p>
           <p>
             An origin server MAY send a <code><a>status-object</a></code>
             member named <code><a>qualifiers</a></code> with a string value
@@ -1056,6 +1076,18 @@
 <dfn>same-party</dfn>    = %x22 "same-party" %x22
 <dfn>same-party-v</dfn>  = array-of-refs
           </pre>
+          <p class="issue" data-number="164" title="To what extent should the same-party attribute of tracking status resource be required?">
+            [OPEN] 3 Alternatives - text is needed:<br/>
+            (A) Current draft: Resource is optional<br/>
+            (B) Alternative proposal 1: If multiple domains on a page belong
+            to the same party, then this fact SHOULD be declared using the
+            same-party attribute<br/>
+            (C) Alternative proposal 2: State that
+            user agents MAY assume that additional elements that are hosted
+            under a different URL and occur on a page and declare "intended
+            for 1st party use" are malicious unless this URL is listed in the
+            "same-party" attribute
+          </p>
           <p>
             An origin server MAY send a member named
             <code><a>audit</a></code> with an array value containing a list of
@@ -1142,17 +1174,6 @@
 <dfn>null</dfn>          = &lt;null,   as defined in [[!RFC4627]]&gt;
           </pre>
 
-		  <p class="issue" data-number="164" title="To what extent should the same-party attribute of tracking status resource be required?">
-		  [OPEN] 3 Alternatives - text is needed:<br/>
-		  (A) Current draft: Resource is optional<br/>
-		  (B) Alternative proposal 1: If multiple domains on a page belong to the 
-		  same party, then this fact SHOULD be declared using the 
-		  same-party attribute<br/>
-		  (C) Alternative proposal 2: State that user agents MAY assume that 
-		  additional elements that are hosted under a different URL and occur 
-		  on a page and declare "intended for 1st party use" are malicious unless 
-		  this URL is listed in the "same-party" attribute
-		 </p>
         </section>
 
         <section id='status-checks-not-tracked'>

Received on Sunday, 8 December 2013 06:52:27 UTC