Re: TPE Document, S2.3 P1

+1

Should we also discuss upcoming protocols like SPDY?
http://www.chromium.org/spdy

This is a binary HTTP-like protocol designed to speed up the web experience
significantly.  My understanding is we might see native support in browsers
and mobile devices in the near future (For example, the recent Amazon Silk
browser utilizes SPDY for its cloud based browsing mode).

As a general note, it might be worthwhile to write this spec in a way that
tries to be 'future proof' with regards to the specifics of how users
consume 'the web'.

-a

On Mon, Oct 31, 2011 at 11:28 AM, Roy T. Fielding <fielding@gbiv.com> wrote:

> On Oct 31, 2011, at 9:56 AM, Jules Polonetsky wrote:
>
> > Why can't apps be included as a target for this standard? Users
> increasingly
> > will click on an icon on their phone, unaware of whether it is an app or
> > html 5 or even a bookmark.  Already today, when I want to opt-out of ad
> > targeting on a mobile site and ad target in an app, I need to opt-out of
> the
> > same ad network in 2 different ways (one a click to get an opt-out
> cookie,
> > one I need to provide my device ID to the ad network to keep it on an
> > opt-out list...if the ad network provides such a choice). With the
> advent of
> > device fingerprinting, targeting by mac address and other new identifiers
> > used for app targeting, DNT for apps should be a priority.
>
> I think that the existing text applies DNT for any app that has the effect
> of browsing the user from one site to another site (i.e., cross-site
> tracking).
> Likewise, if an HTML app uses the device's built-in browser, then it will
> be subject to the browser's config.
>
> There are many privacy concerns having to do with any use of HTTP, but I
> don't
> think we are scoped with "all privacy over HTTP".  In particular, we don't
> prevent people from installing a non-privacy-inducing app (e.g., facebook).
>
> ....Roy
>