Bumping this, as it's on the agenda for tomorrow. Nick -- I still don't understand the purpose of this proposed text. On 11/7/12 9:44 AM, David Wainberg wrote: > > On 11/7/12 1:48 AM, Nicholas Doty wrote: >> Hi David, >> >>> I'm not clear on what this is describing: >>> >>> * /A third-party could provide transparency about their own data >>> practices in order to persuade users to pre-emptively provide >>> user-granted exceptions. A third-party tracker might use a >>> machine-readable policy (for example, P3P) or some indication of >>> compliance with a self-regulatory program or auditing practice . >>> Users that care to might configure their user agents to grant >>> exceptions (and thus send DNT:0 signals) to trackers with such >>> practices./ >>> >>> Is this a suggested implementation for UA's to grant exceptions >>> based on p3p or on participation in self-reg programs? >> >> I was trying to get at the more general point that a user might >> configure their browser to send DNT:0 to a set of domains or >> resources based on some other signal besides a JavaScript-initiated >> exception request. This text isn't meant to recommend any particular >> UA implementation (this is non-normative text), but to note the >> possibility of UAs that granted exceptions based on the presence of a >> particular P3P policy, an indication of participation in an industry >> self-regulatory program, or some other insight into the relevant data >> handling practices. >> >> Happy to accept a suggestion of clearer text on this point, or to >> explain further. >> > It's confusing because it talks about what a third-party might do, but > in fact is alluding to possible UA implementations. Without UA > additional UA features, third-parties will be limited to the JS API > and UA exception storage, or out of band exceptions in a cookie or > something, right? > >
Received on Tuesday, 4 December 2012 23:22:20 UTC