Re: ACTION-43: added user-agent-managed site-specific exception proposal to Editor's Draft

Hey Nick,

Here are some comments I've got after taking a first cursory look at the addition. "User agents MUST provide a user interface prompting the user to choose whether to provide site-specific exceptions to Do Not Track for the requested origins, or, if pre-configured to accept or reject these permissions, respond with the user’s previously configured preference."
-> This sounds like "User agents MUST do X, or not."  This is weak and doesn't seem to be normative as intended.  I think this would be better as "User agents SHOULD do X, or Y, or something equivalent."  Getting too detailed here is at risk of violating "Questions of user interface specifics — for granting, configuring, storing, syncing and revoking exceptions — are left open to implementers" in the first part of the section. "a third party may query this property to determine whether Do Not Track applies to its domain." It isn't clear how the third party realizes they're a third party.  Should they know?  This is precisely the conflict between HTTP-request based context and JS-runtime context. "The user agent MUST store granted site-specific exceptions in the form of a pair (document origin of the top-level document, site-specific-exception document-origin)." This violates the top part that says storage design is up to the UA.  We could define what the exception is (first+third party origins) and say the UA MUST store both or neither, but saying in what form they must be stored is thorny.

I'm still reading through, so I might follow up with a few more thoughts.


----- Original Message -----
> From: "Nicholas Doty" <>
> To: " (" <>
> Cc: "Roy T. Fielding" <>, "Shane Wiley" <>, "VINCENT (VINCENT) TOUBIANA"
> <>, "Sid Stamm" <>
> Sent: Thursday, January 5, 2012 7:18:02 PM
> Subject: ACTION-43: added user-agent-managed site-specific exception proposal to Editor's Draft
> I've added the user-agent-managed site-specific exceptions proposal
> that we discussed on December 21 to the Editor's Draft:
> This is completion of ACTION-43.
> This text includes inline references to the open issues we had around
> this proposal (including those raised during the call), hence the
> flood of new issue notifications that just hit all of your inboxes.
> If there are other issues not included in that list, please raise
> them! And we would love any more feedback on this proposal now that
> you can see it in place in the Editor's Draft. Email discussion
> would be welcome, but I suggest that we could also add this to the
> agenda for the next call.
> Thanks,
> Nick

Received on Saturday, 7 January 2012 00:54:49 UTC