16:54:53 RRSAgent has joined #dnt 16:54:53 logging to http://www.w3.org/2012/02/22-dnt-irc 16:55:06 rrsagent, make logs public 16:55:08 dsriedel has joined #dnt 16:55:17 chair: schunter 16:55:52 +rvaneijk 16:56:08 agenda? 16:57:13 +[IBM_Watson] 16:57:49 agenda+ Selection of scribe 16:58:12 agenda+ Any comments on minutes: 16:58:25 agenda+ Review of overdue action items 16:58:38 agenda+ .Discussion of pending review ISSUES 16:58:48 npdoty has joined #dnt 16:58:59 agenda+ Timeline to next public document release 16:59:01 johnsimpson has joined #DNT 16:59:04 +npdoty 16:59:11 agenda+ Announce next meeting & adjourn 16:59:35 + +1.202.684.aaaa 16:59:39 jmayer has joined #dnt 16:59:40 + +1.646.654.aabb 16:59:54 eberkower has joined #dnt 17:00:17 + +1.202.637.aacc 17:00:21 Zakim, Who is online? 17:00:21 sorry, schunter, I do not understand your question 17:00:22 + +1.562.865.aadd 17:00:29 Zakim, who is on the phone? 17:00:29 On the phone I see aleecia, tl, rvaneijk, [IBM_Watson], npdoty, +1.202.684.aaaa, +1.646.654.aabb, +1.202.637.aacc, +1.562.865.aadd 17:00:32 Haakon has joined #dnt 17:00:46 jchester2 has joined #dnt 17:00:50 WileyS has joined #DNT 17:00:52 646 654 is elise berkower 17:01:00 +Rigo 17:01:00 +PederMagee 17:01:01 Zakim, aabb is eberkower 17:01:01 +eberkower; got it 17:01:07 +johnsimpson 17:01:11 Zakim, [IBM_Watson] has schunter 17:01:11 +schunter; got it 17:01:17 pedermagee has joined #dnt 17:01:17 + +1.978.944.aaee 17:01:18 zakim, mute me 17:01:19 Rigo should now be muted 17:01:27 + +1.510.501.aaff 17:01:40 Very excited about the 1P vs. 3P discussion on the list. Seems to me we're getting quite close. 17:01:43 alex has joined #dnt 17:01:45 zakim, mute me 17:01:49 johnsimpson should now be muted 17:01:53 +jchester2 17:01:54 efelten has joined #dnt 17:01:58 zakim, mute me 17:01:59 jchester2 should now be muted 17:02:11 ChrisPedigoOPA has joined #dnt 17:02:11 +[Microsoft] 17:02:15 + +1.408.349.aagg 17:02:18 ac has joined #dnt 17:02:29 Zakim, aaee is Nokia 17:02:29 +Nokia; got it 17:02:29 Please mute 17:02:29 Tom and I proposed user expectations, Amy and Shane proposed branding or affiliation. 17:02:30 + [Nokia] 17:02:38 Vikram Malaiya 17:02:39 + +1.202.637.aahh 17:02:40 I think we could definitely achieve a compromise here on branding. 17:02:53 vincent_ has joined #dnt 17:02:58 +aadd.a 17:03:05 Zakim, aaee has VikramMalaiya 17:03:05 sorry, npdoty, I do not recognize a party named 'aaee' 17:03:09 agenda? 17:03:16 Zakim, Nokia has VikramMalaiya 17:03:16 +VikramMalaiya; got it 17:03:18 + +1.617.733.aaii 17:03:41 Reminder: face-to-face meeting dates are April 10, 11, 12 in Washington, DC. 17:03:44 schunter: face-to-face fixed for April 10-12, exact details of venue to come 17:03:56 justin_ has joined #dnt 17:04:03 +Helena 17:04:03 hefferjr has joined #dnt 17:04:07 + +1.408.423.aajj 17:04:16 ... ideal goal is to clarify remaining open questions for TPE document and plan how to get the next release out the door 17:04:18 zakim, [apple] has dsinger 17:04:18 sorry, dsinger, I do not recognize a party named '[apple]' 17:04:25 + +1.202.744.aakk 17:04:26 ... remove all closed issues 17:04:29 - +1.408.423.aajj 17:04:39 ... fairly clean, listing alternatives where we have them 17:04:42 + +1.206.369.aall 17:04:51 + +1.813.366.aamm 17:04:59 Zakim, take up agendum 1 17:04:59 agendum 1. "Selection of scribe" taken up [from aleecia] 17:05:00 tedleung has joined #dnt 17:05:07 +dsriedel 17:05:08 + +1.408.423.aann 17:05:10 Zakim, aamm is alex 17:05:10 +alex; got it 17:05:13 + +1.206.619.aaoo 17:05:17 zakim, aann is dsinger 17:05:17 +dsinger; got it 17:05:24 zakim, you have a dreadful memory 17:05:26 I don't understand 'you have a dreadful memory', dsinger 17:05:31 zakim, pick a victim 17:05:39 Zakim, choose a scribe 17:05:40 Not knowing who is chairing or who scribed recently, I propose [IBM_Watson] 17:05:42 Not knowing who is chairing or who scribed recently, I propose +1.202.684.aaaa 17:05:45 fielding has joined #dnt 17:05:47 heh 17:06:10 +fielding 17:06:18 andyzei has joined #dnt 17:06:23 scribenick: tedleung 17:06:47 Zakim, next agendum 17:06:47 agendum 2. "Any comments on minutes:" taken up [from aleecia] 17:06:50 …and use the q+!! 17:06:54 Recent teleconferences: 17:06:55 http://www.w3.org/2012/02/01-dnt-minutes 17:06:55 http://www.w3.org/2012/02/08-dnt-minutes 17:06:55 Brussels: 17:06:55 http://www.w3.org/2012/01/24-dnt-minutes 17:06:56 http://www.w3.org/2012/01/25-dnt-minutes 17:06:57 http://www.w3.org/2012/01/26-dnt-minutes 17:06:57 +Hakon 17:07:07 q? 17:07:10 thanks Nick! 17:07:18 note that I did get some extra notes on one days of Brussels minutes, that I'll add in 17:07:22 minutes from previous meetings approved 17:07:28 Zakim, next agendum 17:07:28 agendum 2 was just opened, npdoty 17:07:28 https://www.w3.org/2011/tracking-protection/track/actions/overdue 17:07:35 Zakim, take up agendum 3 17:07:35 agendum 3. "Review of overdue action items" taken up [from aleecia] 17:08:04 action-82? 17:08:04 ACTION-82 -- Thomas Lowenthal to assess the proposed JavaScript opt-back-in API with Mozilla mothership's JS gurus [ISSUE-27]. -- due 2012-02-18 -- OPEN 17:08:04 http://www.w3.org/2011/tracking-protection/track/actions/82 17:08:43 really close, but not quite finished yet 17:08:44 tom and andy are still working on a counter proposal 17:08:53 due by next wed 17:09:13 action-82 due 2/29 17:09:13 ACTION-82 Assess the proposed JavaScript opt-back-in API with Mozilla mothership's JS gurus [ISSUE-27]. due date now 2/29 17:09:23 action-91? 17:09:23 ACTION-91 -- Andy Zeigler to write text on fingerprinting risk (ISSUE-109, ISSUE-114), with Nick Doty -- due 2012-02-13 -- OPEN 17:09:23 http://www.w3.org/2011/tracking-protection/track/actions/91 17:09:24 (Andy speaking) 17:09:30 action-91 due 2/29 17:09:30 ACTION-91 Write text on fingerprinting risk (ISSUE-109, ISSUE-114), with Nick Doty due date now 2/29 17:09:33 - +1.202.637.aacc 17:09:36 andy says same date as action-82 17:09:49 action-93? 17:09:49 ACTION-93 -- Jeffrey Chester to write suggestions for best practices for issue-115, assisted by Ninja, Alan, Jim -- due 2012-02-07 -- OPEN 17:09:49 http://www.w3.org/2011/tracking-protection/track/actions/93 17:09:55 Zakim, unmute me 17:09:55 jchester2 should no longer be muted 17:10:12 1 more week? 17:10:15 Or done? 17:10:38 jchester2 sent text this am. new due date fri to allow alan to comment 17:10:43 I like Friday better :-) 17:10:48 zakim, mute me 17:10:48 jchester2 should now be muted 17:10:53 action-93: due 2/24 17:10:53 ACTION-93 write suggestions for best practices for issue-115, assisted by Ninja, Alan, Jim notes added 17:11:05 TL speaking? 17:11:09 JC has joined #DNT 17:11:31 TL 17:11:49 tl still has an action for 3rd parties not to represent themselves as 1st parties. holding off until response header issues are clarified 17:11:53 tl, new due date for action 116? 17:11:58 Responses via well-known URI: 17:11:58 https://www.w3.org/2011/tracking-protection/track/issues/124 17:12:09 npdoty, 14d please. 17:12:09 BrianTs has joined #DNT 17:12:09 Zakim, take up agendum 4 17:12:09 agendum 4. ".Discussion of pending review ISSUES" taken up [from aleecia] 17:12:19 kj has joined #dnt 17:12:27 +[Microsoft.a] 17:12:28 action-116 due 3/6 17:12:28 ACTION-116 Draft text prohibitng third parties from acting or representing themselves as first parties due date now 3/6 17:13:00 action-124 17:13:03 q+ 17:13:05 Zakim, [Microsoft.a] has BrianTs 17:13:05 +BrianTs; got it 17:13:15 action-124? 17:13:15 ACTION-124 -- Amy Colando to draft an alternate 1st/3rd proposal (with Shane and Ted) -- due 2012-02-22 -- OPEN 17:13:15 http://www.w3.org/2011/tracking-protection/track/actions/124 17:13:27 schunter: purpose is to give information to user agents about the tracking status 17:13:35 Chapell has joined #DNT 17:13:36 +q 17:13:40 ... tl (with help) proposed a response header in http 17:13:41 q- later 17:13:46 http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html#status-resource 17:14:02 ... fielding proposed a well-known URI approach 17:14:15 q- rigo 17:15:32 dsinger, 5.1 17:15:45 Joanne has joined #DNT 17:16:09 fielding summarizes the proposal for using the well known URI 17:16:28 +Chapell 17:17:38 q? 17:19:03 forgive the 101 question: what happens if a user does not enable javascript? 17:19:21 the user agent will interpret this, not client-side javascript 17:19:22 aleecia, This works fine in that situation. JSON is just a data format. 17:19:29 thank you, Nick 17:19:52 schunter: don't need to discuss the particular fields at the moment (since they may change, say) 17:20:01 schunter asks that we not discuss the specifics of the fields 17:20:13 q? 17:20:19 rather compare the use of headers vs well known uris 17:20:26 s/ asks that/:/ 17:20:38 ack tl 17:20:54 tl: really like this proposal 17:20:58 tl likes this proposal, would like to see a compromise btwn the two approaches 17:21:27 tl: does a site have to have a status resources for every object on it? 17:21:56 would like clarification that every resource must be covered by a status resource 17:22:00 zakim, who is making noise? 17:22:11 rigo, listening for 10 seconds I heard sound from the following: tl (70%) 17:22:17 zakim, mute me 17:22:17 dsriedel should now be muted 17:22:46 tl: incorporate 4.1.1 of compliance into list of reasons 17:22:54 would like a connection 4.1.1 of compliance ( the exceptions?) 17:23:09 when the compliance doc is baked, this gets easier 17:23:17 +1 to Matthias here 17:23:20 I think that's compliance doc section 4.4.1? 17:23:49 dave would like to spend time with both server and client folks here to tease out the pluses and minuses 17:23:53 given this type of proposal, tl would be comfortable with response headers as May not Must 17:23:59 q+ to tell that it reverts the direction of the protocol 17:24:08 zakim, mute me 17:24:08 alex should now be muted 17:24:30 q? 17:24:32 q? 17:25:01 Why not both? 17:25:03 q? 17:25:08 schunter asks, if we have well known uri, do we still need headers 17:25:14 q+ 17:25:36 Machine readable vs. human readable 17:25:38 - +1.202.684.aaaa 17:25:49 tl: well known uri can give a lot more detail, headers can give simple low latency info for user agents 17:26:14 -q 17:27:03 Is bootstrapping a problem here? 17:27:04 q+ on requesting before making a request 17:27:08 fielding: ua can request on the well known URI before doing anything real on the site, so harder to track 17:27:15 q? 17:28:21 well known URI = MUST, response header = SHOULD 17:28:57 q+ 17:29:07 + +1.212.565.aapp 17:29:11 user agent should always ask the well known URI first. if the entire site is covered, then must query about individual resources 17:29:13 q? 17:29:16 q+ 17:29:25 +q 17:29:30 ack rigo 17:29:31 rigo, you wanted to tell that it reverts the direction of the protocol 17:30:28 i think rigo was saying that this is similar to what p3p does and that we should look at p3p if we go this direction. 17:31:03 ack fielding 17:31:38 I do not have any of Rigo's confusion, and I didn't have any on my first read of Roy's proposal. 17:32:01 because you haven't read the P3P Specification yet 17:32:04 which is easier to implement? header or well-known URI 17:32:17 P3P will cause confusion :-) 17:32:43 This is not P3P 17:33:08 q? 17:33:31 this is different from p3p in that it is not general purpose 17:33:41 q+ 17:33:43 (tl and fielding on that last comment) 17:34:13 Rigo: Well-known location only works for simple sites. 17:34:14 Rigo: well-known location seems simple, but then we add more to it and it gets complicated. 17:34:31 99% of target sites were too complicated to properly model/express in a single location 17:35:05 it's not about the fields that you send, it's about the fixed location 17:35:06 My take: Federated sites may have difficulties managing a well-known URI for all its pieces. 17:35:12 Completely disagree with Rigo's assertion. 17:35:22 Easier for page-author to send a header, too? 17:35:27 sean has joined #dnt 17:35:43 probably depends on the page-author's particular infrastructure 17:35:46 …but the content at the well-known lot can be dynamic, right? Not sure what Rigo means here? 17:36:02 claim is that sites cannot react to the DNT value and is therefore not dynamic 17:36:09 (not understanding his argument) 17:36:15 q? 17:36:41 ack npdoty 17:36:41 npdoty, you wanted to comment on requesting before making a request 17:37:36 npdoty is asking about querying the well known uri before retrieving a resource 17:37:57 because of things like cookies 17:37:58 so P3P had a bootstrapping problem because P3P was used to block things. DNT is not envisioned that way. Does bootstrapping matter? 17:37:59 http://www.w3.org/TR/P3P11/#safezone 17:38:08 is what Roy is currently tallking about 17:38:11 fielding: server must not track the well known uri space 17:38:19 q? 17:39:07 the Referer piece here is actually interesting (re: safe zone) 17:39:42 I think this is providing additional information and could convey the P3P semantics and also the additional compliance semantics if need be 17:40:16 npdoty: in the case of a bad server, sending cookies to it (even in the well known uri space) is what you don't want to do 17:40:38 aleecia: asks to walk through roy's proposal using facebook like button as example 17:41:15 the protocol Roy suggests is here: http://www.w3.org/TR/P3P11/#Well_Known_Location 17:42:31 fielding: browser is in pre query mode. browser checks it's list of whether it has checked this uri before. query to wellknown uri of ny times returns a list of affiliated servers, facebook like button is not on the list 17:43:18 and like button is then a 3rd party 17:43:41 aleecia; now click on like button 17:44:36 fielding: that's a new user initiated request, so now a 1st party, if client doesn't have tracking policy for facebook, then it will query facebook's well-known URI for policy. 17:45:02 clicking on the like button would likely have a different tracking status than when loading the like button, right? 17:45:39 tracking status resource specifies the scope of the covered uri 17:45:48 zakim, mute me 17:45:48 aleecia should now be muted 17:47:13 I wonder if this would be an instructive example to walk through for both proposals. My concern is that cache and sites that can be 1st or 3rd parties always works correctly, in both cases. Certainly the well known URI content can be dynamic 17:47:29 q? 17:47:32 But does that work with multiple users read the same URI? 17:47:36 ack aleecia 17:47:43 zakim, mute me 17:47:43 aleecia should now be muted 17:48:01 I think the problem only arises with resources that are sometimes 1st and sometimes 3rd party. do referer headers help? 17:48:10 I think Roy is suggesting that tracking JavaScript like that should initiate xhr requests in a different part of the URI space 17:48:50 tl is asking about the effects of caching the tracking policy information obtained from the well known uris. concern is about objects like like button which switch back and forth between 1st and 3rd parties 17:49:22 bad actors will be bad actors - thought we agreed to overly build the standard to try to stop bad actors - they'll find ways around anything we build 17:49:36 "...agreed to NOT overly build..." 17:50:04 tl: if i am very nefaries, the js for the like button can call some other piece of code, like flash or java, which might not make an http request which could checked by querying the well known uri 17:50:36 yes 17:50:41 Shane: I'm not concerned so much about malice as are we accidentally specifying how things work at a technical level 17:50:49 +1 for use cases 17:50:51 schunter: still looking for pros and cons vs headers; also would like to see a walkthrough of some more use cases, using both headers and the well known uri 17:50:55 yes, it seems like walking through details of some use cases will be important for us 17:51:00 +1 for use cases 17:51:06 +1 for use cases 17:51:32 q? 17:52:04 Is that good use of group time, or one-on-one? (I'm not sure at all) 17:52:12 tl wants to have proposal / counter proposal with roy 17:52:52 schunter wants to build a matrix of pros cons between the various proposals, driven by use cases 17:52:53 like 17:52:57 +1 17:53:25 q? 17:53:36 I'm set 17:53:42 ack dsinger 17:53:43 ack dsinger 17:54:08 I'd love to have more use cases inside the TPE spec. 17:54:55 4 steps: 1: Use casese; 2: Implementation sketches using both technologies; 3: compare approaches using a table (possibly in wiki) 17:55:31 dsinger is asking about the privacy of querying the well known uri. is the goal that it is always safe to fetch this uri? 17:55:34 fielding: yes 17:55:35 Use cases I'd find helpful for both implementations: 17:55:38 q? 17:55:44 ack tl 17:55:44 ack tl 17:55:48 zakim, unmute me 17:55:48 johnsimpson should no longer be muted 17:55:50 - first party that doesn't do any tracking whatsoever 17:55:57 -q 17:56:04 ack johnsimpson 17:56:15 - first party with dynamic third parties (e.g. ads) 17:56:29 johnsimpson is asking which method is easier to implement 17:56:32 dsinger, look at http://www.w3.org/TR/P3P11/#safezone for requirements for fetching WKL 17:56:34 - first party with a third party promoted to first party (e.g. Like button) 17:56:42 anything else that would be helpful? 17:56:58 headers for sites that do no tracking is a simple change to the server config file, no? 17:56:59 well known uri is easier for sites to deploy because the implemention is external from the existing machinery of their sites 17:57:00 I think it may vary depending on your particular implementation 17:57:19 I created ISSUE-127 to moderate this comparison... 17:57:20 q? 17:57:28 David, I do think some of this is very simple -- I was trying to start with "hello world" for use cases there 17:57:28 q+ 17:57:32 header field is easier to implement on the user agent side, but it learns the tracking status after it actually makes the request 17:57:51 +1 17:57:53 +1 17:58:23 fielding, look at http://www.w3.org/2010/09/raggett-fresh-take-on-p3p/ 17:58:25 (that is, +1 on asking for public input on these different proposals) 17:58:34 schunter: let's include both in draft 17:58:48 schunter thinks we should also ask for public input by including both proposals in the draft 17:58:49 +1 17:58:50 I think both proposals have the nature that the complexity of implementation is proportional to the complexity of tracking, which is good 17:58:53 I thought we were just looking at the more recent header proposal 17:58:56 roy: currently both in document 17:59:20 schunter would also like a call with tl and fielding to synchronize on the fields 17:59:22 david, +1 17:59:25 -[Microsoft] 17:59:58 yeah, the fields won't be completely identical, but the exceptions area in particular may be good to synchronize 18:00:01 exactly what Roy is saying: Scope of the declaration 18:00:05 fielding is unsure the field synchronization is possible 18:00:11 q? 18:00:12 +1 to take offline 18:00:16 field synchronization discussion to go offline 18:00:24 ack alex 18:01:18 http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html#status-caching 18:01:24 alex - do we need to include language to address user-agent caching? 18:01:58 If only HTTP provided for detailed descriptions of cacheability? 18:02:03 - +1.562.865.aadd 18:02:41 +q 18:02:57 the scope of the statement is different. A response to a DNT is on the request 18:03:00 q? 18:03:02 ack tl 18:03:07 the WKL is scoped on all requests 18:03:30 super robot! 18:03:43 everyone loves giant robots 18:03:48 schunter: plan is to publish both proposals in next WD, work out pros and cons matrix via use cases 18:03:54 I think we need to understand the uses cases, pluses and minuses before we even decide whether we want one winner, or ... 18:04:01 action: schunter to collect use cases for well-known-uri/response-header 18:04:01 Created ACTION-128 - Collect use cases for well-known-uri/response-header [on Matthias Schunter - due 2012-02-29]. 18:04:11 david, that seems right to me too 18:04:29 first round of use cases due by end of the week 18:04:56 action: fielding to remove old response header proposal from TPE so that there is just one header proposal 18:04:56 Created ACTION-129 - Remove old response header proposal from TPE so that there is just one header proposal [on Roy Fielding - due 2012-02-29]. 18:05:40 -dsriedel 18:06:33 agenda? 18:06:39 - Details for site-specific exeptions: 18:06:39 https://www.w3.org/2011/tracking-protection/track/issues/113 18:06:39 https://www.w3.org/2011/tracking-protection/track/issues/112 18:06:39 https://www.w3.org/2011/tracking-protection/track/issues/111 18:07:04 Zakim, close agendum 2 18:07:04 agendum 2, Any comments on minutes:, closed 18:07:05 I see 4 items remaining on the agenda; the next one is 18:07:05 3. Review of overdue action items [from aleecia] 18:07:08 Zakim, close agendum 3 18:07:08 agendum 3, Review of overdue action items, closed 18:07:09 I see 3 items remaining on the agenda; the next one is 18:07:09 4. .Discussion of pending review ISSUES [from aleecia] 18:07:10 +q 18:07:11 next: issues on site specific exceptions 18:07:19 +q 18:07:22 Zakim, take up agendum 4 18:07:22 agendum 4. ".Discussion of pending review ISSUES" taken up [from aleecia] 18:07:30 Topic: site-specific exceptions issues 18:07:36 - +1.510.501.aaff 18:08:09 I'd like to make the case for DNT:2 if possible 18:08:14 Haakon has left #dnt 18:08:16 q? 18:08:20 Issue 112 goes to heart of First and Third party issues, and requires indepth discussion 18:08:30 I'd like to make the case against DNT:2. 18:08:38 -Hakon 18:08:40 q? 18:08:57 issue-111? 18:08:57 ISSUE-111 -- Different DNT value to signify existence of site-specific exception -- pending review 18:08:57 http://www.w3.org/2011/tracking-protection/track/issues/111 18:08:58 q? 18:09:03 ack WileyS 18:09:12 I have to sign off, unfortunately, due to conflict. I hope we can address 112 next week 18:09:21 -jchester2 18:09:36 it's the current proposal from WileyS, and it's mentioned as in open issue in the draft 18:10:37 q? 18:10:45 the issue is noted in both 4.1 and 6.5 18:10:57 within JavaScript 18:12:30 do you want DNT:2 to be a promise that the user agent has persisted all the permissions that were requested the last time? 18:13:00 argument for dnt:2 is to reduce the amount of polling for site-specific exceptions 18:13:15 q+ 18:13:27 s/argument/WileyS: argument/ 18:13:40 ack tl 18:14:02 npdoty, that's not what I understand, it's rather to know that at least one exception exist for this site 18:14:10 tl constant polling allows user agent to make very robust choices about when it prompts users and how long to store exceptions 18:14:21 I agree, vincent_, but I'm not sure that's Shane's use case 18:14:29 action: schunter to collect use-cases for URI vs Response header 18:14:30 Created ACTION-130 - Collect use-cases for URI vs Response header [on Matthias Schunter - due 2012-02-29]. 18:14:38 s/tl constant/tl: constant/ 18:14:56 action: fielding to sketch use case implementation for URI 18:14:56 Created ACTION-131 - Sketch use case implementation for URI [on Roy Fielding - due 2012-02-29]. 18:15:10 I don't understand why the UA doesn't send DNT=0 if a site specific exception has been granted? 18:15:11 +q 18:15:11 action: tl to sketch use case implementation for URI 18:15:11 Sorry, amibiguous username (more than one match) - tl 18:15:11 Try using a different identifier, such as family name or username (eg. tleung2, tlowenth) 18:15:40 Disagree - remember this will happen on every single page request from a DNT:1 user 18:15:42 action: tlowenth to sketch use case implementation for Response Headers 18:15:42 Created ACTION-132 - Sketch use case implementation for Response Headers [on Thomas Lowenthal - due 2012-02-29]. 18:15:48 tl: overhead this polling is not any worse than some of the ajax style traffic that is used to provide a rich experience on the web today 18:16:07 - +1.202.637.aahh 18:16:19 action: schunter to collect comparison criteria and summarize comparison in URIvsHeaders table 18:16:19 Created ACTION-133 - Collect comparison criteria and summarize comparison in URIvsHeaders table [on Matthias Schunter - due 2012-02-29]. 18:16:23 I don't think tl is referring to ajax style network traffic, but use of javascript on the client 18:17:09 fielding, are you on the queue to describe cookies as the way to maintain state? 18:17:21 no 18:17:37 q+ to suggest cookies 18:17:46 roy, why aren't they sending DNT=0 after exception? 18:18:06 and maintain state in the browser (client-side) 18:18:42 WileyS: DNT:2 is in addition to DNT:1 and would be a should not a must. Full user control is still present with DNT:1 18:18:45 ack fielding 18:19:13 fielding: isn't client going to be sent DNT:0 if there is a site specific exception? 18:19:27 WileyS: no, DNT:0 doesn't cover the site specific exception case 18:20:18 WileyS: the question is when do we poll for site specific exceptions 18:20:49 my understanding is that the first-party will continue to receive DNT:1 when some of the third-parties might be receiving exceptions 18:21:04 the scope of DNT=2 is going far beyond the request and will create all sorts of complexities and issues IMHO 18:21:07 tl: one or more gets DNT:2, or when all of them? 18:21:24 WileyS: my conception of DNT:2 is that one or more of the first party's 3rd parties have been granted a site specific exception 18:22:02 q? 18:22:31 note that none of these details are present in the issue 18:22:40 wait, how do you know you polled me since you added your last third party if you can't track me? 18:22:59 why doesn't the third party poll the user themselves? 18:23:28 so the first party only wants to give content if the third party tracking is allowed and needs communications to know that 18:24:16 It is information that tells the site ¨this guy sent DNT;1, have I received exceptions that continues my site to operate?¨ 18:24:44 in this case, DNT=2 means that requests are only allowed if all exceptions are granted 18:24:51 - +1.212.565.aapp 18:25:19 I believe that ´does not my site still work´ is a valid question/concern. 18:25:28 npdoty: if the UA only grant exceptions for some of the 3rd parties, what DNT value is that? 18:25:29 whatif the UA just does not request that content from the third party at all? 18:25:48 (5 minutes left on this call) 18:26:17 < 1ms, presumably, for a JS call, right? 18:27:39 agenda? 18:29:36 we definitely have some confusion here :) 18:29:44 Ideas how to clarify? 18:29:48 Email? 18:29:54 make it hard to scribe 18:30:12 WileyS: better if the user agent does it because it's faster 18:30:23 tl suggests to send a different javascript depending on whether the service received DNT=1 or DNT=0 18:30:27 Suggest we take this offline 18:30:29 fielding: but your server constructing different JavaScript based on a different value would actually be much slower 18:30:40 WileyS: but don't want to do this JavaScript polling on every page 18:30:41 I can see the desire, but given the fact that a user agent can change preferences at any time and that the server cannot trust the 2 being sent anyway if it depends on it, the DNT:2 proposal is not useful. 18:30:55 Versus polling and adding polling overhead on every single request 18:31:13 tl: executing the JavaScript is also on the client side, super fast! 18:32:13 q+ 18:32:16 q- 18:32:21 q- WileyS 18:32:24 q? 18:33:03 Sorry, hard stop for me today. Off I go. 18:33:04 Email is fine 18:33:06 ack ChrisPedigoOPA 18:33:49 I think we should wrap-up and continue in email 18:33:51 Our goal must be to implement Shane´s requirement in the most efficient way 18:33:58 Let's document the full use case and we can come back to discuss after that 18:34:29 +1 18:34:43 +1 18:34:50 I have to jump - apologies - really want to stay. Look forward to the email chain! :-) 18:35:11 -PederMagee 18:35:13 Zakim, close this agendum 18:35:13 agendum 4 closed 18:35:14 I see 2 items remaining on the agenda; the next one is 18:35:14 5. Timeline to next public document release [from aleecia] 18:35:35 schunter: by next week, polish the document so it's presentable to the public 18:35:50 - +1.206.619.aaoo 18:35:50 ... take a quick look next week to make sure we're okay releasing the next draft to the public 18:36:07 ... if the issues are closed, remove them, other issues remain in the doc 18:36:15 fielding: okay 18:36:15 -Chapell 18:36:24 - +1.408.349.aagg 18:36:26 - +1.202.744.aakk 18:36:37 npdoty: thanks for the help 18:37:01 -Rigo 18:37:02 …regrets he is still behind-hand with the emails... 18:37:02 -eberkower 18:37:05 -alex 18:37:06 -Nokia 18:37:07 -johnsimpson 18:37:07 thx all 18:37:08 -Helena 18:37:08 -rvaneijk 18:37:10 -dsinger 18:37:12 thanks to tedleung for scribing 18:37:12 - +1.206.369.aall 18:37:13 -tl 18:37:15 johnsimpson has left #DNT 18:37:15 -aleecia 18:37:17 -[Microsoft.a] 18:37:19 tedleung has left #dnt 18:37:19 - +1.617.733.aaii 18:37:23 vm has left #dnt 18:37:23 Zakim, list attendees 18:37:23 As of this point the attendees have been aleecia, tl, rvaneijk, npdoty, +1.202.684.aaaa, +1.646.654.aabb, +1.202.637.aacc, +1.562.865.aadd, Rigo, PederMagee, eberkower, 18:37:27 ... johnsimpson, schunter, +1.978.944.aaee, +1.510.501.aaff, jchester2, [Microsoft], +1.408.349.aagg, +1.202.637.aahh, aadd, VikramMalaiya, +1.617.733.aaii, Helena, 18:37:27 ... +1.408.423.aajj, +1.202.744.aakk, +1.206.369.aall, +1.813.366.aamm, dsriedel, +1.408.423.aann, alex, +1.206.619.aaoo, dsinger, fielding, Hakon, BrianTs, Chapell, 18:37:29 ... +1.212.565.aapp 18:37:30 rigo has left #dnt 18:37:31 -fielding 18:37:38 -aadd.a 18:37:41 rrsagent, draft minutes 18:37:41 I have made the request to generate http://www.w3.org/2012/02/22-dnt-minutes.html npdoty 18:37:49 action: fielding to cleanup document to produce next public version of TPE 18:37:49 Created ACTION-134 - Cleanup document to produce next public version of TPE [on Roy Fielding - due 2012-02-29]. 18:38:02 rrsagent, make logs world 18:38:21 Chair: schunter 18:38:31 Meeting: Tracking Protection Working Group teleconference 18:39:06 rrsagent, draft minutes 18:39:06 I have made the request to generate http://www.w3.org/2012/02/22-dnt-minutes.html npdoty 18:39:13 Zakim, bye 18:39:13 leaving. As of this point the attendees were aleecia, tl, rvaneijk, npdoty, +1.202.684.aaaa, +1.646.654.aabb, +1.202.637.aacc, +1.562.865.aadd, Rigo, PederMagee, eberkower, 18:39:13 Zakim has left #dnt 18:39:16 ... johnsimpson, schunter, +1.978.944.aaee, +1.510.501.aaff, jchester2, [Microsoft], +1.408.349.aagg, +1.202.637.aahh, aadd, VikramMalaiya, +1.617.733.aaii, Helena, 18:39:16 ... +1.408.423.aajj, +1.202.744.aakk, +1.206.369.aall, +1.813.366.aamm, dsriedel, +1.408.423.aann, alex, +1.206.619.aaoo, dsinger, fielding, Hakon, BrianTs, Chapell, 18:39:17 ... +1.212.565.aapp 18:39:26 action: wiley to detail use case for ISSUE-111 (DNT;2) 18:39:26 Created ACTION-135 - Detail use case for ISSUE-111 (DNT;2) [on Shane Wiley - due 2012-02-29]. 18:40:51 action: Propose simplified set of fields for URI and response headers 18:40:51 Sorry, couldn't find user - Propose 18:41:08 action: Schunter to Propose simplified set of fields for URI and response headers 18:41:08 Created ACTION-136 - Propose simplified set of fields for URI and response headers [on Matthias Schunter - due 2012-02-29]. 18:43:43 karl has joined #dnt 19:14:29 rrsagent, bye 19:14:29 I see 11 open action items saved in http://www.w3.org/2012/02/22-dnt-actions.rdf : 19:14:29 ACTION: schunter to collect use cases for well-known-uri/response-header [1] 19:14:29 recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-04-01 19:14:29 ACTION: fielding to remove old response header proposal from TPE so that there is just one header proposal [2] 19:14:29 recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-04-56 19:14:29 ACTION: schunter to collect use-cases for URI vs Response header [3] 19:14:29 recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-14-29 19:14:29 ACTION: fielding to sketch use case implementation for URI [4] 19:14:29 recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-14-56 19:14:29 ACTION: tl to sketch use case implementation for URI [5] 19:14:29 recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-15-11-1 19:14:29 ACTION: tlowenth to sketch use case implementation for Response Headers [6] 19:14:29 recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-15-42 19:14:29 ACTION: schunter to collect comparison criteria and summarize comparison in URIvsHeaders table [7] 19:14:29 recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-16-19 19:14:29 ACTION: fielding to cleanup document to produce next public version of TPE [8] 19:14:29 recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-37-49 19:14:29 ACTION: wiley to detail use case for ISSUE-111 (DNT;2) [9] 19:14:29 recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-39-26 19:14:29 ACTION: Propose simplified set of fields for URI and response headers [10] 19:14:29 recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-40-51 19:14:29 ACTION: Schunter to Propose simplified set of fields for URI and response headers [11] 19:14:29 recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-41-08 19:14:36 trackbot, bye 19:14:36 trackbot has left #dnt