- From: Paul Libbrecht <paul@hoplahup.net>
- Date: Fri, 30 Sep 2011 09:23:40 +0200
- To: John Kemp <john@jkemp.net>
- Cc: Bjoern Hoehrmann <derhoermi@gmx.net>, "www-tag@w3.org List" <www-tag@w3.org>
Received on Friday, 30 September 2011 07:24:13 UTC
From reading this whole thread I understand the following logout mechanism should be as close as possible: - go back to the site's home (the user can always go back if he wishes) - remove cookies for that domain and any transcluded resources' domains - remove local storage for the same (JS, flash, ....) - remove stored etags - remove or at least slightly modify cached entities last-modification dates - close all connections I, personally, do not think even the locale is worth keeping: the user wants to see the world with new fresh eyes of his browser; it should speak chinese if in a chinese internet café. Doing this, I believe, leaves only the IP as possible tracker (as well as all "more elaborate analysis methods" such as usage or type patterns as reported by Björn and Henry S) which cannot easily be changed. paul Le 27 sept. 2011 à 15:22, John Kemp a écrit : > My only point is that in this case (where user explicitly says 'logout') I believe that user expectations are being violated. I also asked for what the valid reasons are for doing this. But ultimately, it is this violation of user expectation that is the important part for me. > > I agree with you that identification (and the various degrees of that) are much more complex than can be expressed by 'logged-in vs. logged-out.'
Received on Friday, 30 September 2011 07:24:13 UTC