Re: Draft of the Transition Request for the updated CR of tracking-dnt

On Monday, October 2, 2017 1:03:15 AM CEST Bert Bos wrote:
> Here is a draft of the Transition Request for the updated CR. Once
> it’s ready, I’ll send it to the Director and the chairs of all WGs.
> 
> Comments and additions welcome.

Here is draft 2, with a shorter intro and better explanations under "wide review":

 
----------------------------------------------------------------------
Hello all,

We submitted a transition request for this updated CR on September 6 and by now ensured wide review. Below is a revised CR submission that addresses the feedback received.



-----------------------------------------
The Tracking Protection WG would like to update a CR with a new version containing a few substantive changes:

Title:       Tracking Preference Expression (DNT)
URL:         https://www.w3.org/TR/tracking-dnt/
CR preview:  https://w3c.github.io/dnt/drafts/CRc-tracking-dnt.html


Abstract
--------

This specification defines the DNT request header field as an HTTP mechanism for expressing a user's preference regarding tracking, an HTML DOM property to make that expression readable by scripts, and APIs that allow scripts to register exceptions granted by the user. It also defines mechanisms for sites to communicate whether and how they honor a received preference, including well-known resources for retrieving preflight tracking status, a media type for representing tracking status information, and the Tk response header field for confirming tracking status.


Status
------

[...] This document was published by the Tracking Protection Working Group as a Candidate Recommendation. This document is intended to become a W3C Recommendation. Comments regarding this document are welcome. Please send them to public-tracking@w3.org (subscribe, archives). W3C publishes a Candidate Recommendation to indicate that the document is believed to be stable and to encourage implementation by the developer community. This Candidate Recommendation is expected to advance to Proposed Recommendation no earlier than 07 December 2017.  [...]


Link to previous transition
---------------------------

https://lists.w3.org/Archives/Member/chairs/2015JulSep/0055.html


Decision to request transition
------------------------------

https://www.w3.org/2017/09/25-dnt-minutes.html


Changes
-------

The client-side scripting API has been rewritten to use fewer functions and to return Promises. (These are JavaScript functions that scripts in an interactive document or application call to ask the user to consent to tracking and to store the answer in the browser’s storage, as well as to check  if the browser’s storage already contains such a consent.)

Terminology has been updated to use terms from HTML5.

The specification now defines how to extend the Tk header (part of the HTTP-based protocol), e.g., to comply with possible future legal requirements. No such extensions are currently known.

The ability to add extensions to the DNT header (another part of the HTTP-based protocol) is no longer marked “at risk”, because the group considers that this feature cannot be removed.

The full "diff" between the old and new specs:

https://services.w3.org/htmldiff?doc1=http%3A%2F%2Fwww.w3.org%2FTR%2F2015%2FCR-tracking-dnt-20150820%2F&doc2=https%3A%2F%2Fw3c.github.io%2Fdnt%2Fdrafts%2FCRc-tracking-dnt.html

The history of changes on GitHub:

https://github.com/w3c/dnt/commits/master/drafts/tracking-dnt.html


Requirements satisfied
----------------------

There is no formal requirements document.

This specification satisfies the group's charter, which says: "This specification defines the technical mechanisms for expressing a Do Not Track preference, for example as an HTTP header or a DOM property. It may include mechanisms for sites to signal whether and how they honor this preference."


Dependencies met (or not)
-------------------------

The specification depends on concepts defined in HTML5 and WebIDL (both W3C Recommendations). The dependencies have not changed since the previous CR.

No groups are known to depend on this specification.

Only the Privacy Interest Group has a (non-normative) reference to DNT in one of their Notes.


Wide Review
-----------

The original CR was widely reviewed and the main normative change was a redesign of the User-granted Exceptions Javascript API.  

The implementers in the WG reviewed the specification and provided draft implementations. To ensure wider review, we resubmitted the draft for review by the I18N WG, PING, WS IG, APA WG. No new issues have been raised so far, however, implementation and review will continue throughout this CR phase.

No features are marked as "at risk".

As a key stakeholder that is represented in the WG, the European Article 29 Working Party (“WP29”; representing the EU privacy commissioners) was invited to formally review the new API. The WP29 indicated to provide a review before the end of the year.

Issues addressed
----------------

The issues list is maintained on Github:

   https://github.com/w3c/dnt/issues

All issues resolved by consensus.

(These are only the new issues, i.e., raised *after* the previous CR.)


Formal Objections
-----------------

There were no formal objections.


Implementation
--------------

A preliminary implementation report is available:

   https://www.w3.org/wiki/Privacy/TPWG/TPE_Implementation_Report

However, it does not yet include the rewritten client-side API. It will be updated during the CR period.

So far, there exists one implementation of the new API (https://baycloud.com/bouncerDownload) and there are some test results (http://www.w3.org/mid/20d701d32cab$a2623050$e72690f0$@baycloud.com)


Patent disclosures
------------------

There are no patent disclosures and no disclosure opportunity is currently open. (The last one ended on 12 September 2015.)



For the TP WG,
Bert
----------------------------------------------------------------------



Bert
-- 
  Bert Bos                                ( W 3 C ) http://www.w3.org/
  http://www.w3.org/people/bos                               W3C/ERCIM
  bert@w3.org                             2004 Rt des Lucioles / BP 93
  +33 (0)4 92 38 76 92            06902 Sophia Antipolis Cedex, France

Received on Monday, 2 October 2017 14:20:11 UTC