- From: Roy T. Fielding <fielding@gbiv.com>
- Date: Mon, 22 Sep 2014 14:17:40 -0700
- To: Mike O'Neill <michael.oneill@baycloud.com>
- Cc: "'Tracking Protection Working Group'" <public-tracking@w3.org>
On Sep 22, 2014, at 12:42 PM, Mike O'Neill wrote: > A sunset period for tracking consent has been called for by the DPAs in Europe with the CNIL specifying no more than 13 months. Some responsible companies may want it to default to less than that, or give the user an option. > > There is no reason that the API could not be extended to support that with an expiry/max-age parameter as in cookies. Otherwise it would be left to the user agents to come up with arbitrary defaults. That would be a technical change to the API to be set by each server, not a global default expiration of 13 months (an entirely arbitrary number). If you want to suggest that the UGE APIs contain an expiration parameter, then now is the time to do so. I think that should be considered a separate issue, since the WP comments were intending a global default. ....Roy
Received on Monday, 22 September 2014 21:18:03 UTC