- From: Matthias Schunter (Intel Corporation) <mts-std@schunter.org>
- Date: Tue, 03 Dec 2013 11:16:23 +0100
- To: Brad Kulick <kulick@yahoo-inc.com>
- CC: "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org>
Hi Brad, thanks a lot for this input. I will keep ISSUE-153 open for now and we can discuss it tomorrow. My reading of your proposed change is that you want to ensure that only user agents themselves can transmit preferences. It would disallow anyone else to send DNT headers _even if this entity follows our requirements_. IMHO this would exclude some interesting scenarios: - A plugin synchronising preferences of a user between devices / browsers. - A intermediary service where I can manage my privacy preferences (e.g., a control panel in the OS) - A trust management plugin for browsers where DNT;1 is only sent to selected blacklisted sites (or any other policy that is more advanced than the default policies of user agents). ... For me, the requirement that all requirements must be met in order to gain permission to modify DNT headers is indeed important. This is clearly not the case for some of the tools today. Could you elaborate your concerns, i.e., why you want to exclude other entities from managing preferences - even if they adhere to our requirements? Regards, matthias Am 21.11.2013 22:04, schrieb Brad Kulick: > Matthias, > > I respectfully request we keep Issue-153 open. We’re fine with closing the rest of the issues you’ve recommended. > > To Issue-153, we believe intermediaries should *not* be allowed to alter the tracking preference in version 1.0 and to reserve this interaction between the user and web browser for now. We believe this will result in a simpler implementation path through well-known interfaces and gives everyone time to gain real-world experience to consider how best to incorporate intermediaries altering signals in transit. > > In Section 3 of the TPE, we should change the following text: > > “Likewise, a user agent extension or add-on MUST NOT alter the tracking preference unless the act of installing and enabling that extension or add-on is an explicit choice by the user for that tracking preference.” > > -to- > > “Likewise, a user agent extension or add-on MUST NOT alter the tracking preference.” > > Thanks, > > Brad > > On Nov 14, 2013, at 1:10 AM, Matthias Schunter (Intel Corporation) wrote: > >> Hi Folks, >> >> >> while we are working on the new issues, I suggest we close the set of TPE-related issues that have been PENDING REVIEW for many months. These document the outcome of our former discussions on TPE where we reached a conclusion that resulted in text. For each of those issues, the text resolving the issue is already included into the TPE spec (and has been there for a long time). >> >> Please: Validate that you can live with the resolution of the enclosed issues (Deadline: December 03). >> >> In case you want to object to closing an issue, please provide the required documentation (see "the plan"), i.e., roughly you should say why the issue cannot be closed, what concern you have that is not addressed, and what alternative text you proposed to mitigate your concern. >> >> >> Thanks a lot! >> >> matthias >> >> --------------8<------------------ >> http://www.w3.org/2011/tracking-protection/track/issues/137 >> ISSUE-137: Does hybrid tracking status need to distinguish between first party (1) and outsourcing service provider acting as a first party (s) >> >> http://www.w3.org/2011/tracking-protection/track/issues/153 >> ISSUE-153: What are the implications on software that changes requests but does not necessarily initiate them? >> >> http://www.w3.org/2011/tracking-protection/track/issues/161 >> ISSUE-161: Do we need a tracking status value for partial compliance? >> >> http://www.w3.org/2011/tracking-protection/track/issues/164 >> ISSUE-164: To what extent should the "same-party" attribute of tracking status resource be required >> >> http://www.w3.org/2011/tracking-protection/track/issues/168 >> ISSUE-168: What is the correct way for sub-services to signal that they are taking advantage of a transferred exception? >> >> http://www.w3.org/2011/tracking-protection/track/issues/195 >> ISSUE-195: Flows and signals for handling "potential" out of band consent >> >> http://www.w3.org/2011/tracking-protection/track/issues/197 >> ISSUE-197: How do we notify the user why a Disregard signal is received? >>
Received on Tuesday, 3 December 2013 10:16:48 UTC