Re: ISSUE-161: Discussion of semantics and alternatives to "!" from Matthias Schunter (Intel Corporation) on 2013-04-16 (public-tracking@w3.org from April 2013)

From: Matthias Schunter (Intel Corporation) <mts-std@schunter.org>
Date: Tue, 16 Apr 2013 09:59:43 +0200
To: public-tracking@w3.org
Message-ID: <516D04EF.1040808@schunter.org>
Hi Jonathan,


thanks for the comments on ISSUE-161. During the coming discussion, I 
would like to understand the underlying concerns or envisioned risks of 
"selective noncompliance" in order to discuss alternatives.

FYI: The responses "!" and "D" are currently marked as "OPTION" in the 
TPE and are associated with ISSUE-161.
Based on the comments received, ISSUE-161 remains in the PENDING_REVIEW 
state (we have text proposed and continue discuss it).


Regards,
matthias

On 15/04/2013 23:51, Jonathan Mayer wrote:
> Some in the group, myself included, prefer to not facilitate selective 
> noncompliance with Do Not Track or second-guessing syntactically valid 
> DNT: 1 signals.  The semantics of "D", "!", or any similar 
> status should remain OPEN.
>
> Jonathan
>
> On Monday, April 15, 2013 at 3:36 AM, Matthias Schunter (Intel 
> Corporation) wrote:
>
>> Hi!
>>
>> PS: We included the discussion of the new flag "D" (disregard) that 
>> signals that a site has chosen to disregard a DNT signal
>> also under ISSUE-161. In the latest version of the TPE, both flags 
>> "D" and "!" are included as options and marked with ISSUE-161.
>>
>> The goal of this flag is to allow sites that choose to disregard a 
>> signal (which is done today already) to provide transparency to the user.
>> This allows the user agent and user to be aware of this fact and 
>> consider options for remediation.
>>
>>
>> Regards,
>> matthias
>>
>>
>> On 15/04/2013 12:03, Matthias Schunter (Intel Corporation) wrote:
>>> Hi David/Jonathan,
>>>
>>>
>>> thanks a lot for the pushback ;-)
>>>
>>> I overlooked that ISSUE-161 is still discussed.
>>>
>>> My interpretation of "!" is that the site makes no claims whatsoever 
>>> and does not claim to comply with our standard. It can post a "!" 
>>> for whatever reasons it likes. Examples include testing, debugging, 
>>> problems with enforcement, not liking DNT, ...
>>> Since the site says "I do not follow DNT", it is equivalent of not 
>>> posting any DNT-related information and furthermore, if a site posts 
>>> "!" it is not bound by any constraint that we make. The goal was to, 
>>> e.g., allow
>>> a site to build the DNT infrastructure (including a "!" flag) while 
>>> then removing the "!" once everything works. It is basically a 
>>> shortcut for removing all DNT-related infos from a site.
>>>
>>> I believe that such a signal is useful and I do not see any harm 
>>> (feel free to explain the downside if you see any).
>>>
>>> Could someone sketch potential alternative semantics and/or 
>>> additional signals that are needed within the scope of ISSUE-161?
>>>
>>>
>>> Regards.
>>>  matthias
>>>
>>> On 12/04/2013 17:03, David Wainberg wrote:
>>>> Hi Matthias,
>>>>
>>>> On 161, the "!" signal, while we do seem to have consensus on the 
>>>> signal, I do not believe we have reached consensus on the precise 
>>>> meaning or the language describing it in the spec. Therefore, the 
>>>> issue should remain open.
>>>>
>>>> -David
>>>>
>>>> On 4/12/13 9:00 AM, Matthias Schunter (Intel Corporation) wrote:
>>>>> Hi Folks,
>>>>>
>>>>> as part of our final cleanup in preparation of our next working 
>>>>> draft, I suggest to close the issues listed below.
>>>>>
>>>>> Please respond by April 16 if you cannot live with the proposed 
>>>>> resolution of those issues.
>>>>> If you do so, please include a justification and describe what 
>>>>> concern of yours is not addressed in
>>>>> the currently documented draft of the TPE.
>>>>>
>>>>> Regards,
>>>>>  matthias
>>>>>
>>>>> --------------
>>>>>
>>>>> ISSUE-112 
>>>>> <http://www.w3.org/2011/tracking-protection/track/issues/112>(edit) <http://www.w3.org/2011/tracking-protection/track/issues/112/edit> 
>>>>>  OPEN  How are sub-domains handled for site-specific exceptions? 
>>>>> <http://www.w3.org/2011/tracking-protection/track/issues/112>  
>>>>>
>>>>> http://www.w3.org/2011/tracking-protection/track/issues/112
>>>>>
>>>>> REASON:
>>>>> - We agreed to use cookie-matching-like wildcards and rules to allow
>>>>>   for code-reuse in user agents
>>>>> - This is reflected in the spec
>>>>>
>>>>> ISSUE-144 
>>>>> <http://www.w3.org/2011/tracking-protection/track/issues/144>(edit) <http://www.w3.org/2011/tracking-protection/track/issues/144/edit> 
>>>>>  
>>>>>  User-granted Exceptions: Constraints on user agent behavior while 
>>>>> granting and for future requests? 
>>>>> <http://www.w3.org/2011/tracking-protection/track/issues/144>
>>>>>
>>>>> http://www.w3.org/2011/tracking-protection/track/issues/144
>>>>>
>>>>> REASON: In the new exception model, user agents are required to 
>>>>> communicate the status of an exception.
>>>>>  The status may be changed by end users and no further 
>>>>> requirements are needed. This is reflected in the spec.
>>>>>
>>>>> NOTE: We still have an open issue whether user agents are required 
>>>>> to implement the exception API.
>>>>>
>>>>> ISSUE-161 
>>>>> <http://www.w3.org/2011/tracking-protection/track/issues/161>(edit) <http://www.w3.org/2011/tracking-protection/track/issues/161/edit> 
>>>>>  
>>>>>  o we need a tracking status value for partial compliance or 
>>>>> rejecting DNT? 
>>>>> <http://www.w3.org/2011/tracking-protection/track/issues/161>
>>>>>
>>>>> http://www.w3.org/2011/tracking-protection/track/issues/161
>>>>>
>>>>> RESOLUTION:
>>>>> - We defined a "!" indicator that says that the site is not 
>>>>> claiming to comply (e.g., maintenance / under construction)
>>>>>
>>>>> ISSUE-185 
>>>>> <http://www.w3.org/2011/tracking-protection/track/issues/185>(edit) <http://www.w3.org/2011/tracking-protection/track/issues/185/edit>
>>>>> WebWide Not  
>>>>>  There should not be an API for web-wide exceptions 
>>>>> <http://www.w3.org/2011/tracking-protection/track/issues/185>
>>>>>
>>>>> http://www.w3.org/2011/tracking-protection/track/issues/185
>>>>>
>>>>> RESOLUTION:
>>>>> - We reached agreement that there will be an API for web-side 
>>>>> exceptions
>>>>>
>>>>> ISSUE-143 
>>>>> <http://www.w3.org/2011/tracking-protection/track/issues/143>(edit) <http://www.w3.org/2011/tracking-protection/track/issues/143/edit>
>>>>> Reciprocal Consent  
>>>>>  Activating a Tracking Preference must require explicit, informed 
>>>>> consent from a user 
>>>>> <http://www.w3.org/2011/tracking-protection/track/issues/143>
>>>>>
>>>>> http://www.w3.org/2011/tracking-protection/track/issues/143
>>>>>
>>>>> REASON:
>>>>> - We will have this discussion as part of ISSUE-194.
>>>>>
>>>>>
>>>>>
>>>>
>>>
>>
>
Received on Tuesday, 16 April 2013 08:00:09 UTC