Re: ISSUE-161: Discussion of semantics and alternatives to "!"

On Apr 16, 2013, at 5:51 , Jonathan Mayer <jmayer@stanford.edu> wrote:

> Some in the group, myself included, prefer to not facilitate selective noncompliance with Do Not Track or second-guessing syntactically valid DNT: 1 signals.  The semantics of "D", "!", or any similar status should remain OPEN.

I certainly agree that second-guessing DNT signals is … at best, questionable.  However, IF it is going to happen, I am strongly supportive of transparency back to the user, which this flag supplies.  I wish it were not needed.

> 
> Jonathan
> 
> On Monday, April 15, 2013 at 3:36 AM, Matthias Schunter (Intel Corporation) wrote:
> 
>> Hi!
>> 
>> PS: We included the discussion of the new flag "D" (disregard) that signals that a site has chosen to disregard a DNT signal
>> also under ISSUE-161. In the latest version of the TPE, both flags "D" and "!" are included as options and marked with ISSUE-161.
>> 
>> The goal of this flag is to allow sites that choose to disregard a signal (which is done today already) to provide transparency to the user.
>> This allows the user agent and user to be aware of this fact and consider options for remediation.
>> 
>> 
>> Regards,
>> matthias
>> 
>> 
>> On 15/04/2013 12:03, Matthias Schunter (Intel Corporation) wrote:
>>> Hi David/Jonathan,
>>> 
>>> 
>>> thanks a lot for the pushback ;-)
>>> 
>>> I overlooked that ISSUE-161 is still discussed.
>>> 
>>> My interpretation of "!" is that the site makes no claims whatsoever and does not claim to comply with our standard. It can post a "!" for whatever reasons it likes. Examples include testing, debugging, problems with enforcement, not liking DNT, ...
>>> Since the site says "I do not follow DNT", it is equivalent of not posting any DNT-related information and furthermore, if a site posts "!" it is not bound by any constraint that we make. The goal was to, e.g., allow 
>>> a site to build the DNT infrastructure (including a "!" flag) while then removing the "!" once everything works. It is basically a shortcut for removing all DNT-related infos from a site.
>>> 
>>> I believe that such a signal is useful and I do not see any harm (feel free to explain the downside if you see any).
>>> 
>>> Could someone sketch potential alternative semantics and/or additional signals that are needed within the scope of ISSUE-161?
>>> 
>>> 
>>> Regards.
>>>  matthias
>>> 
>>> On 12/04/2013 17:03, David Wainberg wrote:
>>>> Hi Matthias,
>>>> 
>>>> On 161, the "!" signal, while we do seem to have consensus on the signal, I do not believe we have reached consensus on the precise meaning or the language describing it in the spec. Therefore, the issue should remain open.
>>>> 
>>>> -David
>>>> 
>>>> On 4/12/13 9:00 AM, Matthias Schunter (Intel Corporation) wrote:
>>>>> Hi Folks,
>>>>> 
>>>>> as part of our final cleanup in preparation of our next working draft, I suggest to close the issues listed below.
>>>>> 
>>>>> Please respond by April 16 if you cannot live with the proposed resolution of those issues.
>>>>> If you do so, please include a justification and describe what concern of yours is not addressed in
>>>>> the currently documented draft of the TPE.
>>>>> 
>>>>> Regards,
>>>>>  matthias
>>>>> 
>>>>> --------------
>>>>> 
>>>>> ISSUE-112<Untitled.png>	OPEN	How are sub-domains handled for site-specific exceptions?	
>>>>> http://www.w3.org/2011/tracking-protection/track/issues/112
>>>>> 
>>>>> REASON:
>>>>> - We agreed to use cookie-matching-like wildcards and rules to allow
>>>>>   for code-reuse in user agents
>>>>> - This is reflected in the spec
>>>>> 
>>>>> ISSUE-144<Untitled.png>	
>>>>> User-granted Exceptions: Constraints on user agent behavior while granting and for future requests?http://www.w3.org/2011/tracking-protection/track/issues/144
>>>>> 
>>>>> REASON: In the new exception model, user agents are required to communicate the status of an exception.
>>>>>  The status may be changed by end users and no further requirements are needed. This is reflected in the spec.
>>>>> 
>>>>> NOTE: We still have an open issue whether user agents are required to implement the exception API.
>>>>> 
>>>>> ISSUE-161<Untitled.png>	
>>>>> o we need a tracking status value for partial compliance or rejecting DNT?http://www.w3.org/2011/tracking-protection/track/issues/161
>>>>> 
>>>>> RESOLUTION: 
>>>>> - We defined a "!" indicator that says that the site is not claiming to comply (e.g., maintenance / under construction)
>>>>> 
>>>>> ISSUE-185<Untitled.png>
>>>>> WebWide Not	
>>>>> There should not be an API for web-wide exceptionshttp://www.w3.org/2011/tracking-protection/track/issues/185
>>>>> 
>>>>> RESOLUTION:
>>>>> - We reached agreement that there will be an API for web-side exceptions
>>>>> 
>>>>> ISSUE-143<Untitled.png>
>>>>> Reciprocal Consent	
>>>>> Activating a Tracking Preference must require explicit, informed consent from a userhttp://www.w3.org/2011/tracking-protection/track/issues/143
>>>>> 
>>>>> REASON:
>>>>> - We will have this discussion as part of ISSUE-194.
>>>>> 
>>>>> 
>>>>> 
>>>> 
>>> 
>> 
> 

David Singer
Multimedia and Software Standards, Apple Inc.

Received on Tuesday, 16 April 2013 03:43:46 UTC