Re: Summary of Options for 1P Learning of 3P DNT Status from Jonathan Mayer on 2011-10-29 (public-tracking@w3.org from October 2011)

From: Jonathan Mayer <jmayer@stanford.edu>
Date: Fri, 28 Oct 2011 21:53:22 -0700
To: Karl Dubost <karld@opera.com>
Cc: "public-tracking@w3.org Group WG" <public-tracking@w3.org>
Message-Id: <837ABE77-8E61-4E00-8848-C89FF0F474FA@stanford.edu>

On Oct 28, 2011, at 11:22 AM, Karl Dubost wrote:

> Jonathan,
> 
> Le 26 oct. 2011 à 03:13, Jonathan Mayer a écrit :
>> 1) The third party notifies the first party through inter-frame communication (e.g. postMessage or fragment identifiers). 
> 
> Do you have an example of what you mean by fragment identifier. 
> These have already a semantic and properties and I wonder how 
> you would use them practically.

Before postMessage, inter-frame communication often used the window.location.hash property.  For an example, see http://www.onlineaspect.com/2010/01/15/backwards-compatible-postmessage/

> 
>> 2) The third party notifies the first party through backend communication.  For example, the the first and third parties share a unique session identifier, and the first party makes a RESTful call to the third party.
> 
> You might mean an HTTP request here. RESTful has also a precise 
> meaning that I have rarely seen in deployed APIs.

The implementation could be RESTful.  It need not be.  Just an example.

> 
>> Drawbacks:
>> -The first and third parties have to establish a shared identifier, add support for a backend protocol, and do realtime backend data sharing
> 
> what do you mean by realtime?

For most of the use cases we've discussed, a first party has to know each third party's Do Not Track status during page load.

> 1, A client makes an HTTP request with a URI
> 2. A server might answer with a representation <A> for this URI.
> 3. This representation <A> might contain link to other resources. The client might choose to request them.
> 4. The client prioritizes the requests according to certain rules. 
> 
> One point of the Web architecture is that if I do a request on domain1 and domain2, they are not aware of each other. Sharing identifiers seem a bad idea for separation of concerns and for the users. I usually prefer solutions where the user decide what is acceptable for him, and not having the parties negotiating what is good for users.
> 
> 
> -- 
> Karl Dubost - http://dev.opera.com/
> Developer Relations & Tools, Opera Software
>

Received on Saturday, 29 October 2011 04:53:53 UTC