- From: David Singer <singer@mac.com>
- Date: Mon, 28 Aug 2017 08:06:24 -0700
- To: "Matthias Schunter (Intel Corporation)" <mts-std@schunter.org>
- Cc: "public-tracking@w3.org (public-tracking@w3.org)" <public-tracking@w3.org>
> On Aug 25, 2017, at 7:30 , Matthias Schunter (Intel Corporation) <mts-std@schunter.org> wrote: > > Dear TPWG, > > > I had a quick chat with Mike. Our proposal is to: > (a) rollback the editors draft to our original consensus Can you state what you think that consensus was (i.e. which consensus?) > (b) suggest to add an implementation recommendation that helps > mitigating the fingerprinting risk: By limiting the number of > site-specific UGE that a domain can store, we also limit the capability > to fingerprint. I don’t get it. The fingerprinting risk comes from a single site that stores subtly different exceptions with different users. How can we even detect, let alone enforce against, this happening? > > Below are more detailed notes. > > Any comments and feedback are welcome! > > Note that we are aware that anyone (including sub-resources) can store > web-wide exceptions. I suggest to see how the adoption evolves and then > browsers can determine whether additional checks and balances may be needed. > > > Regards, > matthias > > > ------------------8<--- > > Original (still valid) consensus: > - 1st party and third parties > - can ask for web-wide and site-specific UGE > - both for the script origin only > > Current editors draft: > - 1st party > - can ask for web-wide and targeted UGE > - both for the script origin only > - third parties > - can ask (only) for site-specific UGE > - web-wide is not allowed > > Shortcomings of the current draft: > - site-specific UGE poses fingerprinting risk (Mike) > - web-wide for sub-element are needed for > consent portal (Shane) > > Proposed modifications of the editors draft: > - Back to original consensus (to address Shane's usage) > - 1st party and third parties > - can ask for web-wide and site-specific UGE > - both for the script origin only > - Mitigate fingerprinting risk by NOTE that suggests > that browsers may limit the number of stored site-specific > exceptions per top-level domain. > > Assessment of proposed consensus: > + A compliance portal (e.g. google) can now register web-wide UGE for > same party domains (e.g. youtube). > + The limited number of site-specific user-granted exceptions can > minimize fingerprinting risk > - If web-wide user-granted exceptions are mis-used, additional checks > and balances may be needed in the future. > Dave Singer singer@mac.com
Received on Monday, 28 August 2017 15:06:55 UTC