Re: tracking-ISSUE-266: automatic expiration of a tracking preference exception via API parameter [TPE Last Call] from Roy T. Fielding on 2014-10-10 (public-tracking@w3.org from October 2014)

From: Roy T. Fielding <fielding@gbiv.com>
Date: Fri, 10 Oct 2014 12:32:07 -0700
To: David (Standards) Singer <singer@apple.com>
Cc: Mike O'Neill <michael.oneill@baycloud.com>, Nicholas Doty <npdoty@w3.org>, Tracking Protection Working Group <public-tracking@w3.org>
Message-Id: <0EA7DE7B-0A98-40A6-A9DB-E67B2E50F5C2@gbiv.com>

On Oct 9, 2014, at 2:13 PM, David (Standards) Singer wrote:
> No, the existence of the exception is irrelevant if you don’t go back to the site. If you do, then the site also sees the absence of the cookie (it’s expired) and knows it needs to re-acquire the exception.

That would make the UGE mechanism substantially worse than simply using
a cookie to record exceptions.  The *only* reason we have a separate UGE
API is so that UGE's survive a general cookie flush.

....Roy

Received on Friday, 10 October 2014 19:32:35 UTC