- From: Matthias Schunter (Intel Corporation) <mts-std@schunter.org>
- Date: Wed, 30 Aug 2017 11:43:45 +0200
- To: public-tracking@w3.org
Hi Rob, thanks a lot for this good news. I would appreciate if you double check the API and send an endorsement to the list. Something like "I had a look at the API and I believe the draft is ready for CR." Thanks a lot! matthias On 29.08.2017 21:14, Rob van Eijk wrote: > The parameter may work for both use cases in the same API: (1) the > NAI/DAA style call (parameter not in dictionary means everyone)and (2) > the European ePR style call ( parameter present but set to the empty > array means no-one else). > > Rob > > -----Original message----- > *From:* David (Standards) Singer > *Sent:* Tuesday, August 29 2017, 2:53 am > *To:* Mike O'Neill > *Cc:* public-tracking@w3.org > *Subject:* Re: site-specific with no targets > > (...) I assume we can have it that — parameter missing (not in dictionary) means everyone, and parameter present but set to the empty array means no-one else. > > > David Singer > Manager, Software Standards, Apple Inc. > > > > -----Original message----- > *From:* Mike O'Neill > *Sent:* Tuesday, August 29 2017, 7:29 pm > *To:* singer@apple.com; 'Roy T. Fielding' > *Cc:* public-tracking@w3.org > *Subject:* RE: site-specific with no targets > > David, > > Yes, you should not need to remember consent in a cookie if you can set DNT to 0, and both ends know what it means, as well as regulators, researchers etc. > > Also It would be less confusing to developers if the empty array just meant "no (subresource) targets", we can signal "any and all subresources" with targets==undefined (absent) or null. > > And yes Roy, I mean the domain that the script can get from its version of document.domain. > > Mike > > > > > -----Original Message----- > From: singer@apple.com <mailto:singer@apple.com> [mailto:singer@apple.com <mailto:singer@apple.com>] > Sent: 29 August 2017 01:52 > To: Mike O'Neill <michael.oneill@baycloud.com <mailto:michael.oneill@baycloud.com>> > Cc: public-tracking@w3.org <mailto:public-tracking@w3.org> > Subject: Re: site-specific with no targets > > > > On Aug 28, 2017, at 14:15 , Mike O'Neill <michael.oneill@baycloud.com <mailto:michael.oneill@baycloud.com>> wrote: > > > > The text says that an empty array is same as null or undefined for > > site-specific targets. It would be better if an empty array just meant there > > were no targets so only the script-origin (or a subdomain of it) received > > DNT:0 > > > > Otherwise, if only wanted to register consent for the script origin and not > > any subresources, you would have to set targets to contain a non-existent > > subresource, or the script-origin domain., which is weird. > > > > > > > If you have consent from the user, and you want DNT:0 to come back only to you, and not be sent to anyone else, you really don’t need the DNT signal. Its greatest value is in sending DNT:0 to third parties with whom it is otherwise very hard to communicate. You *could* remember “I have consent” in any way you like. > > But, it would be tidier to use DNT. I’ll check, but I assume we can have it that — parameter missing (not in dictionary) means everyone, and parameter present but set to the empty array means no-one else. > > > David Singer > Manager, Software Standards, Apple Inc. > > > >
Received on Wednesday, 30 August 2017 09:44:13 UTC