- From: Nicholas Doty <npdoty@w3.org>
- Date: Tue, 1 May 2012 18:28:42 -0700
- To: Kevin Smith <kevsmith@adobe.com>
- Cc: Tracking Protection Working Group <public-tracking@w3.org>
On Apr 30, 2012, at 4:25 PM, Kevin Smith wrote: > It's important to remember that implementing origin/origin exception precludes the use of most common advertising mechanisms in use on the web today. Therefore, each of the use cases below would need to be prefaced with something like "A site that does not participate in traditional advertising and ...", which would not necessarily reduce the number of use cases, but would likely significantly limit the potential pool of implementers. I agree with Matthias - I am not sure we should invest more time, effort and complexity to standardize something simply because we can think of a possible use case. There should be some level of demand for that use case established as well. What do you mean by "precludes"? In the current draft, sites could EITHER specify a list of origin pairs OR a "*" if, for example, they use an advertising mechanism where they don't know ahead of time which third party domains need an exception. (I think you understand this, but sometimes I'm not sure it's clear to everyone.) I agree that the sites that would use the list parameter would be the sites that aren't already using a "*" call to request an exception for every advertiser and requiring that opt-in in order to visit the site. (There could be sites that make a "*" call but have a fall-back option to request a smaller set if the user rejects the "*" request, as in the "sets of purposes" case.) I'm not certain what the additional effort is to standardize this given that we've already written the spec that includes origin pairs as well as the "*" option. Thanks, Nick
Received on Wednesday, 2 May 2012 01:28:56 UTC