Re: tracking-ISSUE-183 (Tk E ): Additional Tk header status value for EU [Tracking Preference Expression (DNT)]

This topic has also come up in reviewing the questions David Singer set out on the needs for the server response. My understanding of the current draft text is that the "3" value is intended to cover resources that are used in a first- or third-party context but comply with the defined requirements for third-parties. Whether in the EU or US, many of us expect that there will be many resources served in a first-party context that comply with third-party requirements.

Do we as a group think it's important for a resource to indicate separately that it's being served in a first-party context even though it's complying with the stricter third-party requirements? Would users/user agents do anything different in that situation?

If not (and I don't personally know of an advantage there), then I think the existing tracking status values will suffice.

—Nick

On Oct 21, 2012, at 4:28 PM, Tracking Protection Working Group Issue Tracker <sysbot+tracker@w3.org> wrote:

> tracking-ISSUE-183 (Tk E ): Additional Tk header status value for EU [Tracking Preference Expression (DNT)]
> 
> http://www.w3.org/2011/tracking-protection/track/issues/183
> 
> Raised by: Mike O'Neill
> On product: Tracking Preference Expression (DNT)
> 
> In Europe and other jurisdictions the requirement will probably be that resource handlers accessed in a first-party context conform as a third-party. 
> 
> In these cases resource handlers could place a Tk header in the response with a status of 3 “The designated resource is designed for use within a third-party context and conforms to the requirements on a third party”, but the value and the text are confusing in this situation. Even though the overwhelming majority of these resource handlers will have been designed for use in a first-party context the Tk  response they emit portrays them as third-party.
> 
> This could cause confusion for implementers, leading to a loss of interoperability.
> 
> It might be better to insert a new single character status value ( in paragraph 5.2) for this situation for instance:
> 
> E     The designated resource may be designed for use in a first-party context but conforms to the requirements on a third party.
> 
> This is functionally similar to the 3 response but be more appropriate for the majority case in these jurisdictions.

Received on Tuesday, 23 October 2012 00:15:51 UTC