action-396 signaling a transferred exception from Nicholas Doty on 2013-06-05 (public-tracking@w3.org from June 2013)

From: Nicholas Doty <npdoty@w3.org>
Date: Wed, 5 Jun 2013 00:46:48 -0700
To: "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org>
Cc: "Matthias Schunter (Intel Corporation)" <mts-std@schunter.org>
Message-Id: <11E1A11F-A1DB-464C-8528-E847233FC2AA@w3.org>

Hello WG,

Matthias' agenda updates on transferred exception recalls my action-396 to fill in the text proposal for how a service would indicate a transferred exception in its tracking status resource / response header.

David's placeholder text: http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html#transitive-exceptions
> A named third party acquiring an exception with this mechanism MUST make sure that sub-services it uses acknowledge this constraint by requiring the use of the appropriate tracking status value and qualifier, which is "XX" (such as "tl"), from its sub-sub-services.

I had volunteered to fill in that "XX" (value and qualifier) with actual values, for which I propose "Ct" ("_C_onsent that has been _t_ransferred"). However, I believe Roy has subsequently removed the qualifiers from being characters that go along with the tracking status value, and instead made them only available in the tracking status resource in a separate "qualifiers" property in the JSON text. Under that formulation, I believe the appropriate proposal here would be a Tracking Status Value of "C" and use of a request-specific tracking status resource, where the qualifiers member includes "t".

Example:
UA sends DNT: 0 to a particular third party operating an ad exchange or ad auction; the UA is re-directed to another URL (to which the UA sends DNT: 1), but that third party has determined that it has a transferred exception from the ad exchange and replies with the HTTP response header: "Tk: C;foo". An interested UA can load /.well-known/dnt/foo to load the tracking status resource, which will indicate, among other things, "qualifiers": "t", which the UA can communicate to the user as explaining that the resource believed it had consent to tracking the request because of a transferred exception.

Thanks,
Nick

On Jun 4, 2013, at 6:04 AM, "Matthias Schunter (Intel Corporation)" <mts-std@schunter.org> wrote:
> Related?:
>  https://www.w3.org/2011/tracking-protection/track/actions/396
> 
>  ----
> ISSUE-168: What is the correct way for sub-services to signal that they are taking advantage of a transferred exception?
> http://www.w3.org/2011/tracking-protection/track/issues/168
> 
> Proposal: 
> - "T" for transferred exception
> - Create action to add this letter to the spec

Received on Wednesday, 5 June 2013 07:46:50 UTC