- From: Roy T. Fielding <fielding@gbiv.com>
- Date: Wed, 26 Jun 2013 01:39:52 -0700
- To: Nicholas Doty <npdoty@w3.org>
- Cc: "Mike O'Neill" <michael.oneill@baycloud.com>, "public-tracking@w3.org public-tracking@w3.org" <public-tracking@w3.org>
On Jun 26, 2013, at 1:22 AM, Nicholas Doty wrote: > Providing non-normative text suggesting a convention for cookies used for out-of-band consent sounds similar to Roy's proposal that we drop the JS APIs altogether in favor of such conventions. Roy, CCed, do you think providing such conventions (in a non-normative way) would be a useful way forward? No. OOBC is (by definition) not specified by the protocol. My suggestion was that our in-band UGE be replaced by an in-band opt-in consent mechanism based on a specially named cookie, not that we specify out of band mechanisms. A site might obtain user consent via any number of mechanisms, including old-school written contracts with definite term periods. We cannot specify how such consent is obtained, nor can we require that consent be revocable on demand. ....Roy
Received on Wednesday, 26 June 2013 08:40:16 UTC