- From: Matthias Schunter (Intel Corporation) <mts-std@schunter.org>
- Date: Wed, 12 Jun 2013 17:45:18 +0200
- To: public-tracking@w3.org
- Message-ID: <51B8978E.50302@schunter.org>
Hi Rob, I believe that this discussion is a new issue (while related to ISSUE-192). I closed ISSUE-192 and I have created a new ISSUE-201. Please review the issue: https://www.w3.org/2011/tracking-protection/track/issues/201 and drop me a line if this does not capture your concerns or if you want ISSUE_192 kept open for other reasons. Matthias On 06/06/2013 09:43, Rob van Eijk wrote: > > > Rob van Eijk <rob@blaeu.com> wrote: > > Revocation should be a cornerstone. > > I would therefore suggest not to close this issue and discuss how > revocation ties in with expiry or other means of undoing an exception. > > In NL for example there is most likely to be a (local law) > requirement to keep consent on record for multiple years. > > I am concerned that an indication that a granted exception at > first visit turns into an out of band consent on next visits. > Another concern is that granting an exception and undoing that are > two sides of the same coin. The undoing part could be addressed > with (automatic) expiry, revocation, clearing the browser state > etc. I do not have a complete picture of all the options to reset > a UGA. > > Without turning this into a compliance discussion, the > buildingblock to deal with revocation should be looked at more in > detail. > > Rob > > > "Matthias Schunter (Intel Corporation)" <mts-std@schunter.org> wrote: > > Hi Team, > > enclosed is a list of TPE-related ISSUES that I believe can be closed. > Please drop me a line if you disagree and believe that some of these > issues should be kept open. > > Thanks a lot! > > matthias > > ----------------- > ISSUE-112: How are sub-domains handled for site-specific exceptions? > http://www.w3.org/2011/tracking-protection/track/issues/112 > Resolution: > - Cookie-like > - As documented in the spec > > ISSUE-152: User Agent Compliance: feedback for out-of-band consent > http://www.w3.org/2011/tracking-protection/track/issues/152 > Resolution: > - User agents (in the new model) are free to interact with users > - We do not mandate that t! > hey do > so > > ISSUE-167: Multiple site exceptions > http://www.w3.org/2011/tracking-protection/track/issues/167 > Resolution: > - No special approach for multi-site exceptions > - Based on implementation experience, we may later revisit the issue > > ISSUE-182: protocol for user agents to indicate whether a request with > DNT set is 1st party or 3rd party > http://www.w3.org/2011/tracking-protection/track/issues/182 > Resolution: > - This seems technically impossible > - As a consequence, I suggest to close > > ISSUE-192: Should exceptions have expiry date, secure flag or other > cookie-like attributes? > http://www.w3.org/2011/tracking-protection/track/issues/192 > Resolution: > - User agents may expire > exceptions (or use other mechanisms for > aligning them with user preference) > - Suggestion: No additional management mechanisms; leave TPE spec as it is > > > > > >
Received on Wednesday, 12 June 2013 15:45:44 UTC