- From: Matthias Schunter (Intel Corporation) <mts-std@schunter.org>
- Date: Tue, 04 Jun 2013 19:06:55 +0200
- To: Rigo Wenning <rigo@w3.org>, "public-tracking@w3.org" <public-tracking@w3.org>, "Matthias Schunter (Intel Corporation)" <mts-std@schunter.org>
Hi Rigo, Thanks for the text. Unless I receive other statements, I see this as a way forward towards an agreement. In this case, we should discuss the proposed text during this call (or one of the subsequent calls). Matthias > -----Original Message----- > From: Rigo Wenning [mailto:rigo@w3.org] > Sent: Tuesday, June 04, 2013 5:00 PM > To: public-tracking@w3.org; Matthias Schunter (Intel Corporation) > Subject: Text for ISSUE-164 > > Hi Matthias, > > I think SHOULD and MUST are off the table AFAIK. But I still would like to > include the non-normative text below. (English native speakers please > correct or shorten) > > --Rigo > > On Tuesday 04 June 2013 15:04:47 Matthias Schunter wrote: > > ISSUE-164: To what extent should the "same-party" attribute of > > tracking status resource be required > > http://www.w3.org/2011/tracking-protection/track/issues/164 > > (A) Current draft: Resource is optional > > (B) Alternative proposal 1: If multiple domains on a page belong to > > the same party, then this fact /SHOULD/ be declared using the > > same-party attribute > > (C) Alternative proposal 2: State that user agents /MAY/ assume that > > additional elements that are hosted under a different URL and occur on > > a page and declare "intended for 1st party use" are malicious unless > > this URL is listed in the "same-party" attribute > > => Concrete text is needed to issue a call > > Suggested Text for option C: > > A user experience on the web can be composed of elements from a variety > of resources that are assembled into one user experience by the user agent. > Many of those resources, even under different domain names, may belong > to the same data controller or to service providers that act as data > processors for the controller. > > A user agent fetching elements from different resources may want to check > whether a claim from a resource to be under control by the same party is > backed by the first party the service claims to cater to. This is especially the > case if elements from a different origin have to be mashed up. The user > agent can check whether such claims are backed by the first party of the top > origin by verifying the <code>same- party</code> declaration of that origin. > In case the service provider's claim is not backed by the first party of the > initial origin, a user agent may decide to block such elements or resources. > > > Intel GmbH Dornacher Strasse 1 85622 Feldkirchen/Muenchen, Deutschland Sitz der Gesellschaft: Feldkirchen bei Muenchen Geschaeftsfuehrer: Christian Lamprechter, Hannes Schwaderer, Douglas Lusk Registergericht: Muenchen HRB 47456 Ust.-IdNr./VAT Registration No.: DE129385895 Citibank Frankfurt a.M. (BLZ 502 109 00) 600119052
Received on Thursday, 6 June 2013 06:42:15 UTC