W3C home > Mailing lists > Public > public-tracking@w3.org > October 2014

Re: tracking-ISSUE-266: automatic expiration of a tracking preference exception via API parameter [TPE Last Call]

From: David (Standards) Singer <singer@apple.com>
Date: Wed, 08 Oct 2014 17:22:02 -0700
Cc: Nicholas Doty <npdoty@w3.org>, Tracking Protection Working Group <public-tracking@w3.org>
Message-id: <78AFD522-4EF0-43E2-9FFD-3E8CC462A230@apple.com>
To: Mike O'Neill <michael.oneill@baycloud.com>
I am still unclear as to why a *site* would think an exception needs to expire.

I understand why cookies can expire; they can be used to record information that is intended to be transient (e.g. a login state, the content of a shopping basket).

But sites ask for exceptions when their operation depends on it.

If they *need* to do an expiry, or re-confirmation periodically, I think it would be easier for them to set a cookie and then effectively get an active reminder (if the exception exists and the cookie does not).

I do not think that exceptions are cookie-like enough to justify the complexity, myself.

On Sep 28, 2014, at 4:54 , Mike O'Neill <michael.oneill@baycloud.com> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> As promised, here is the WebIDL for automatic expiry in a ReSpec file, to replace the section “7.4.1 API to Request a Site-specific Exception”.
> The web-wide API uses the same property bag so does not need changing.
> I mirrored  both the Max-Age and Expires attributes with Max-Age taking precedence as it does in RFC6265.
> It is pretty self-evident but if people think it is necessary I can also write a descriptive paragraph to go into the Exception model section.
> Mike
>> -----Original Message-----
>> From: Nicholas Doty [mailto:npdoty@w3.org]
>> Sent: 25 September 2014 01:24
>> To: Tracking Protection Working Group
>> Subject: Re: tracking-ISSUE-266: automatic expiration of a tracking preference
>> exception via API parameter [TPE Last Call]
>> 
>> *** gpg4o | Unknown Signature from 40203EE90BBAB306 1 2 01 1411604644 9
>> ***
>> 
>> This is the more specific issue we decided to open in discussing issue-258
>> regarding automatic expiration in general. Mike O'Neill has voluntereed to write
>> up a text proposal for it this weekend.
>> 
>> Thanks,
>> Nick
>> 
>> On September 24, 2014, at 5:16 PM, Tracking Protection Working Group Issue
>> Tracker <sysbot+tracker@w3.org> wrote:
>> 
>>> tracking-ISSUE-266: automatic expiration of a tracking preference exception
>> via API parameter [TPE Last Call]
>>> 
>>> http://www.w3.org/2011/tracking-protection/track/issues/266
>>> 
>>> Raised by: Rob van Eijk
>>> On product: TPE Last Call
>>> 
>>> In discussing the automatic expiration Last Call comment, we decided to open
>> a separate issue for any proposals for an API parameter for storing user-granted
>> exceptions to tracking preferences.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.13 (MingW32)
> Comment: Using gpg4o v3.3.26.5094 - http://www.gpg4o.com/
> Charset: utf-8
> 
> iQEcBAEBAgAGBQJUJ/bdAAoJEHMxUy4uXm2JjRkIAMDOGlMeF+d2bTD7kcA0Evm3
> YCYZr6/J9xRDCo/cJUcDSeDb3Ogd8Lk+rqwmq0WuO4+vaGC/BlV1sU2D0jMIETPv
> 3WBj2susnaziPevvxivo6StcVu9Fs+7NZsYdfRYmMX+ms9mscFw18g8li+u0jkfL
> 1KYoyTqs0Yu8m0kk7lqVyj8PPWTeMFsOe1MwSlY7J9XBKZu/80amQ+U58GSS/Nyi
> EuRVUPDltXBgBYFOqUSY/1t6FSJVwAG4qQzW3+lMTt/SrGvRoSrh1Iv7H7b5RGP5
> VrMuu+6gUMsbcthdrryUs/LO4OD6IwkdrzS6T1DnSPmYYQPC49BCLWIILMze9NE=
> =ta2F
> -----END PGP SIGNATURE-----
> <PGPexch.htm><tpe_expiry.html><PGPexch.htm.sig><tpe_expiry.html.sig>

David Singer
Manager, Software Standards, Apple Inc.
Received on Thursday, 9 October 2014 00:22:33 UTC

This archive was generated by hypermail 2.3.1 : Friday, 3 November 2017 21:45:24 UTC