Re: My logfile of potential TPE changes and features to be put at risk

> On Sep 23, 2016, at 10:33 , Schunter, Matthias <matthias.schunter@intel.com> wrote:
> 
> Btw an alternative fix to the 'not enabled' case could be to ignore exceptions API calls (or return errors) if DNT is not enabled. I.e. the API is only active once a user has chosen to enable DNT.
> 
> Let us discuss our options before fixing the inconsistency…

My suggestion is to edit the sentence and add “or if one or more exceptions are in effect” to the end of it.

> 
> Matthias
> 
> Sent from my Alcatel Onetouch Idol 3 (4.7)
> 
> On 23.09.2016 11:03, David Singer <singer@apple.com> wrote:
> 
> > On Sep 22, 2016, at 20:04 , Roy T. Fielding <fielding@gbiv.com> wrote:
> > 
> >> On Sep 22, 2016, at 4:09 AM, Matthias Schunter (Intel Corporation) <mts-std@schunter.org> wrote:
> >> 
> >> (Editorial) Changes to TPE
> >> - Change fingerprinting section and extend it to a privacy and security
> >> section
> > 
> > The entire spec is about privacy and security.  We would have to narrow
> > that quite a bit, such as "privacy bits specific to the TPE protocol"
> > or some such.
> 
> I think we need to do the security and privacy review; for example, exceptions are a new state-recording mechanism.  DNT headers add to the fingerprinting surface. Contacting a site to find its well-known resource means, well, you’ve contacted it. Could a WKR be malformed to cause security risks?  And so on.
> 
> > 
> >> - Change definition of "enabled" to also include exceptions: Once you
> >> recorded an exception, you implicitly enabled the feature.
> > 
> > That would not be editorial because the term is used in normative requirements.
> > In any case, it isn't necessary: read the last two paragraphs of
> > 
> >  https://www.w3.org/TR/tracking-dnt/#determining
> 
> OK.  But we have a bug; we currently have text that says the header is only sent when DNT is enabled, but later we learn that a site can register an exception even when it’s not, which will cause a DNT header to be sent when applicable, even though the general preference is not enabled.  That’s an editorial bug (the statement that it’s only sent when enabled claims to be a statement of fact, not a requirement).
> 
> 
> David Singer
> Manager, Software Standards, Apple Inc.
> 
> 
> 

David Singer
Manager, Software Standards, Apple Inc.

Received on Friday, 23 September 2016 09:38:25 UTC