IRC log of dnt on 2012-02-22

Timestamps are in UTC.

16:54:53 [RRSAgent]
RRSAgent has joined #dnt
16:54:53 [RRSAgent]
logging to http://www.w3.org/2012/02/22-dnt-irc
16:55:06 [aleecia]
rrsagent, make logs public
16:55:08 [dsriedel]
dsriedel has joined #dnt
16:55:17 [aleecia]
chair: schunter
16:55:52 [Zakim]
+rvaneijk
16:56:08 [aleecia]
agenda?
16:57:13 [Zakim]
+[IBM_Watson]
16:57:49 [aleecia]
agenda+ Selection of scribe
16:58:12 [aleecia]
agenda+ Any comments on minutes:
16:58:25 [aleecia]
agenda+ Review of overdue action items
16:58:38 [aleecia]
agenda+ .Discussion of pending review ISSUES
16:58:48 [npdoty]
npdoty has joined #dnt
16:58:59 [aleecia]
agenda+ Timeline to next public document release
16:59:01 [johnsimpson]
johnsimpson has joined #DNT
16:59:04 [Zakim]
+npdoty
16:59:11 [aleecia]
agenda+ Announce next meeting & adjourn
16:59:35 [Zakim]
+ +1.202.684.aaaa
16:59:39 [jmayer]
jmayer has joined #dnt
16:59:40 [Zakim]
+ +1.646.654.aabb
16:59:54 [eberkower]
eberkower has joined #dnt
17:00:17 [Zakim]
+ +1.202.637.aacc
17:00:21 [schunter]
Zakim, Who is online?
17:00:21 [Zakim]
sorry, schunter, I do not understand your question
17:00:22 [Zakim]
+ +1.562.865.aadd
17:00:29 [npdoty]
Zakim, who is on the phone?
17:00:29 [Zakim]
On the phone I see aleecia, tl, rvaneijk, [IBM_Watson], npdoty, +1.202.684.aaaa, +1.646.654.aabb, +1.202.637.aacc, +1.562.865.aadd
17:00:32 [Haakon]
Haakon has joined #dnt
17:00:46 [jchester2]
jchester2 has joined #dnt
17:00:50 [WileyS]
WileyS has joined #DNT
17:00:52 [eberkower]
646 654 is elise berkower
17:01:00 [Zakim]
+Rigo
17:01:00 [Zakim]
+PederMagee
17:01:01 [npdoty]
Zakim, aabb is eberkower
17:01:01 [Zakim]
+eberkower; got it
17:01:07 [Zakim]
+johnsimpson
17:01:11 [npdoty]
Zakim, [IBM_Watson] has schunter
17:01:11 [Zakim]
+schunter; got it
17:01:17 [pedermagee]
pedermagee has joined #dnt
17:01:17 [Zakim]
+ +1.978.944.aaee
17:01:18 [rigo]
zakim, mute me
17:01:19 [Zakim]
Rigo should now be muted
17:01:27 [Zakim]
+ +1.510.501.aaff
17:01:40 [jmayer]
Very excited about the 1P vs. 3P discussion on the list. Seems to me we're getting quite close.
17:01:43 [alex]
alex has joined #dnt
17:01:45 [johnsimpson]
zakim, mute me
17:01:49 [Zakim]
johnsimpson should now be muted
17:01:53 [Zakim]
+jchester2
17:01:54 [efelten]
efelten has joined #dnt
17:01:58 [jchester2]
zakim, mute me
17:01:59 [Zakim]
jchester2 should now be muted
17:02:11 [ChrisPedigoOPA]
ChrisPedigoOPA has joined #dnt
17:02:11 [Zakim]
+[Microsoft]
17:02:15 [Zakim]
+ +1.408.349.aagg
17:02:18 [ac]
ac has joined #dnt
17:02:29 [npdoty]
Zakim, aaee is Nokia
17:02:29 [Zakim]
+Nokia; got it
17:02:29 [aleecia]
Please mute
17:02:29 [jmayer]
Tom and I proposed user expectations, Amy and Shane proposed branding or affiliation.
17:02:30 [vm]
+ [Nokia]
17:02:38 [vm]
Vikram Malaiya
17:02:39 [Zakim]
+ +1.202.637.aahh
17:02:40 [jmayer]
I think we could definitely achieve a compromise here on branding.
17:02:53 [vincent_]
vincent_ has joined #dnt
17:02:58 [Zakim]
+aadd.a
17:03:05 [npdoty]
Zakim, aaee has VikramMalaiya
17:03:05 [Zakim]
sorry, npdoty, I do not recognize a party named 'aaee'
17:03:09 [aleecia]
agenda?
17:03:16 [npdoty]
Zakim, Nokia has VikramMalaiya
17:03:16 [Zakim]
+VikramMalaiya; got it
17:03:18 [Zakim]
+ +1.617.733.aaii
17:03:41 [aleecia]
Reminder: face-to-face meeting dates are April 10, 11, 12 in Washington, DC.
17:03:44 [npdoty]
schunter: face-to-face fixed for April 10-12, exact details of venue to come
17:03:56 [justin_]
justin_ has joined #dnt
17:04:03 [Zakim]
+Helena
17:04:03 [hefferjr]
hefferjr has joined #dnt
17:04:07 [Zakim]
+ +1.408.423.aajj
17:04:16 [npdoty]
... ideal goal is to clarify remaining open questions for TPE document and plan how to get the next release out the door
17:04:18 [dsinger]
zakim, [apple] has dsinger
17:04:18 [Zakim]
sorry, dsinger, I do not recognize a party named '[apple]'
17:04:25 [Zakim]
+ +1.202.744.aakk
17:04:26 [npdoty]
... remove all closed issues
17:04:29 [Zakim]
- +1.408.423.aajj
17:04:39 [npdoty]
... fairly clean, listing alternatives where we have them
17:04:42 [Zakim]
+ +1.206.369.aall
17:04:51 [Zakim]
+ +1.813.366.aamm
17:04:59 [npdoty]
Zakim, take up agendum 1
17:04:59 [Zakim]
agendum 1. "Selection of scribe" taken up [from aleecia]
17:05:00 [tedleung]
tedleung has joined #dnt
17:05:07 [Zakim]
+dsriedel
17:05:08 [Zakim]
+ +1.408.423.aann
17:05:10 [alex]
Zakim, aamm is alex
17:05:10 [Zakim]
+alex; got it
17:05:13 [Zakim]
+ +1.206.619.aaoo
17:05:17 [dsinger]
zakim, aann is dsinger
17:05:17 [Zakim]
+dsinger; got it
17:05:24 [dsinger]
zakim, you have a dreadful memory
17:05:26 [Zakim]
I don't understand 'you have a dreadful memory', dsinger
17:05:31 [rigo]
zakim, pick a victim
17:05:39 [npdoty]
Zakim, choose a scribe
17:05:40 [Zakim]
Not knowing who is chairing or who scribed recently, I propose [IBM_Watson]
17:05:42 [Zakim]
Not knowing who is chairing or who scribed recently, I propose +1.202.684.aaaa
17:05:45 [fielding]
fielding has joined #dnt
17:05:47 [aleecia]
heh
17:06:10 [Zakim]
+fielding
17:06:18 [andyzei]
andyzei has joined #dnt
17:06:23 [npdoty]
scribenick: tedleung
17:06:47 [npdoty]
Zakim, next agendum
17:06:47 [Zakim]
agendum 2. "Any comments on minutes:" taken up [from aleecia]
17:06:50 [dsinger]
…and use the q+!!
17:06:54 [aleecia]
Recent teleconferences:
17:06:55 [aleecia]
http://www.w3.org/2012/02/01-dnt-minutes
17:06:55 [aleecia]
http://www.w3.org/2012/02/08-dnt-minutes
17:06:55 [aleecia]
Brussels:
17:06:55 [aleecia]
http://www.w3.org/2012/01/24-dnt-minutes
17:06:56 [aleecia]
http://www.w3.org/2012/01/25-dnt-minutes
17:06:57 [aleecia]
http://www.w3.org/2012/01/26-dnt-minutes
17:06:57 [Zakim]
+Hakon
17:07:07 [schunter]
q?
17:07:10 [aleecia]
thanks Nick!
17:07:18 [npdoty]
note that I did get some extra notes on one days of Brussels minutes, that I'll add in
17:07:22 [tedleung]
minutes from previous meetings approved
17:07:28 [npdoty]
Zakim, next agendum
17:07:28 [Zakim]
agendum 2 was just opened, npdoty
17:07:28 [aleecia]
https://www.w3.org/2011/tracking-protection/track/actions/overdue
17:07:35 [npdoty]
Zakim, take up agendum 3
17:07:35 [Zakim]
agendum 3. "Review of overdue action items" taken up [from aleecia]
17:08:04 [npdoty]
action-82?
17:08:04 [trackbot]
ACTION-82 -- Thomas Lowenthal to assess the proposed JavaScript opt-back-in API with Mozilla mothership's JS gurus [ISSUE-27]. -- due 2012-02-18 -- OPEN
17:08:04 [trackbot]
http://www.w3.org/2011/tracking-protection/track/actions/82
17:08:43 [npdoty]
really close, but not quite finished yet
17:08:44 [tedleung]
tom and andy are still working on a counter proposal
17:08:53 [tedleung]
due by next wed
17:09:13 [npdoty]
action-82 due 2/29
17:09:13 [trackbot]
ACTION-82 Assess the proposed JavaScript opt-back-in API with Mozilla mothership's JS gurus [ISSUE-27]. due date now 2/29
17:09:23 [tedleung]
action-91?
17:09:23 [trackbot]
ACTION-91 -- Andy Zeigler to write text on fingerprinting risk (ISSUE-109, ISSUE-114), with Nick Doty -- due 2012-02-13 -- OPEN
17:09:23 [trackbot]
http://www.w3.org/2011/tracking-protection/track/actions/91
17:09:24 [aleecia]
(Andy speaking)
17:09:30 [npdoty]
action-91 due 2/29
17:09:30 [trackbot]
ACTION-91 Write text on fingerprinting risk (ISSUE-109, ISSUE-114), with Nick Doty due date now 2/29
17:09:33 [Zakim]
- +1.202.637.aacc
17:09:36 [tedleung]
andy says same date as action-82
17:09:49 [tedleung]
action-93?
17:09:49 [trackbot]
ACTION-93 -- Jeffrey Chester to write suggestions for best practices for issue-115, assisted by Ninja, Alan, Jim -- due 2012-02-07 -- OPEN
17:09:49 [trackbot]
http://www.w3.org/2011/tracking-protection/track/actions/93
17:09:55 [jchester2]
Zakim, unmute me
17:09:55 [Zakim]
jchester2 should no longer be muted
17:10:12 [aleecia]
1 more week?
17:10:15 [aleecia]
Or done?
17:10:38 [tedleung]
jchester2 sent text this am. new due date fri to allow alan to comment
17:10:43 [aleecia]
I like Friday better :-)
17:10:48 [jchester2]
zakim, mute me
17:10:48 [Zakim]
jchester2 should now be muted
17:10:53 [npdoty]
action-93: due 2/24
17:10:53 [trackbot]
ACTION-93 write suggestions for best practices for issue-115, assisted by Ninja, Alan, Jim notes added
17:11:05 [aleecia]
TL speaking?
17:11:09 [JC]
JC has joined #DNT
17:11:31 [aleecia]
TL
17:11:49 [tedleung]
tl still has an action for 3rd parties not to represent themselves as 1st parties. holding off until response header issues are clarified
17:11:53 [npdoty]
tl, new due date for action 116?
17:11:58 [aleecia]
Responses via well-known URI:
17:11:58 [aleecia]
https://www.w3.org/2011/tracking-protection/track/issues/124
17:12:09 [tl]
npdoty, 14d please.
17:12:09 [BrianTs]
BrianTs has joined #DNT
17:12:09 [npdoty]
Zakim, take up agendum 4
17:12:09 [Zakim]
agendum 4. ".Discussion of pending review ISSUES" taken up [from aleecia]
17:12:19 [kj]
kj has joined #dnt
17:12:27 [Zakim]
+[Microsoft.a]
17:12:28 [npdoty]
action-116 due 3/6
17:12:28 [trackbot]
ACTION-116 Draft text prohibitng third parties from acting or representing themselves as first parties due date now 3/6
17:13:00 [tedleung]
action-124
17:13:03 [rigo]
q+
17:13:05 [BrianTs]
Zakim, [Microsoft.a] has BrianTs
17:13:05 [Zakim]
+BrianTs; got it
17:13:15 [npdoty]
action-124?
17:13:15 [trackbot]
ACTION-124 -- Amy Colando to draft an alternate 1st/3rd proposal (with Shane and Ted) -- due 2012-02-22 -- OPEN
17:13:15 [trackbot]
http://www.w3.org/2011/tracking-protection/track/actions/124
17:13:27 [npdoty]
schunter: purpose is to give information to user agents about the tracking status
17:13:35 [Chapell]
Chapell has joined #DNT
17:13:36 [tl]
+q
17:13:40 [npdoty]
... tl (with help) proposed a response header in http
17:13:41 [rigo]
q- later
17:13:46 [fielding]
http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html#status-resource
17:14:02 [npdoty]
... fielding proposed a well-known URI approach
17:14:15 [npdoty]
q- rigo
17:15:32 [tl]
dsinger, 5.1
17:15:45 [Joanne]
Joanne has joined #DNT
17:16:09 [tedleung]
fielding summarizes the proposal for using the well known URI
17:16:28 [Zakim]
+Chapell
17:17:38 [johnsimpson]
q?
17:19:03 [aleecia]
forgive the 101 question: what happens if a user does not enable javascript?
17:19:21 [npdoty]
the user agent will interpret this, not client-side javascript
17:19:22 [tl]
aleecia, This works fine in that situation. JSON is just a data format.
17:19:29 [aleecia]
thank you, Nick
17:19:52 [npdoty]
schunter: don't need to discuss the particular fields at the moment (since they may change, say)
17:20:01 [tedleung]
schunter asks that we not discuss the specifics of the fields
17:20:13 [schunter]
q?
17:20:19 [tedleung]
rather compare the use of headers vs well known uris
17:20:26 [npdoty]
s/ asks that/:/
17:20:38 [npdoty]
ack tl
17:20:54 [npdoty]
tl: really like this proposal
17:20:58 [tedleung]
tl likes this proposal, would like to see a compromise btwn the two approaches
17:21:27 [tedleung]
tl: does a site have to have a status resources for every object on it?
17:21:56 [tedleung]
would like clarification that every resource must be covered by a status resource
17:22:00 [rigo]
zakim, who is making noise?
17:22:11 [Zakim]
rigo, listening for 10 seconds I heard sound from the following: tl (70%)
17:22:17 [dsriedel]
zakim, mute me
17:22:17 [Zakim]
dsriedel should now be muted
17:22:46 [fielding]
tl: incorporate 4.1.1 of compliance into list of reasons
17:22:54 [tedleung]
would like a connection 4.1.1 of compliance ( the exceptions?)
17:23:09 [aleecia]
when the compliance doc is baked, this gets easier
17:23:17 [aleecia]
+1 to Matthias here
17:23:20 [npdoty]
I think that's compliance doc section 4.4.1?
17:23:49 [dsinger]
dave would like to spend time with both server and client folks here to tease out the pluses and minuses
17:23:53 [tedleung]
given this type of proposal, tl would be comfortable with response headers as May not Must
17:23:59 [rigo]
q+ to tell that it reverts the direction of the protocol
17:24:08 [alex]
zakim, mute me
17:24:08 [Zakim]
alex should now be muted
17:24:30 [fielding]
q?
17:24:32 [schunter]
q?
17:25:01 [WileyS]
Why not both?
17:25:03 [schunter]
q?
17:25:08 [tedleung]
schunter asks, if we have well known uri, do we still need headers
17:25:14 [WileyS]
q+
17:25:36 [WileyS]
Machine readable vs. human readable
17:25:38 [Zakim]
- +1.202.684.aaaa
17:25:49 [tedleung]
tl: well known uri can give a lot more detail, headers can give simple low latency info for user agents
17:26:14 [WileyS]
-q
17:27:03 [aleecia]
Is bootstrapping a problem here?
17:27:04 [npdoty]
q+ on requesting before making a request
17:27:08 [tedleung]
fielding: ua can request on the well known URI before doing anything real on the site, so harder to track
17:27:15 [dsinger]
q?
17:28:21 [WileyS]
well known URI = MUST, response header = SHOULD
17:28:57 [aleecia]
q+
17:29:07 [Zakim]
+ +1.212.565.aapp
17:29:11 [tedleung]
user agent should always ask the well known URI first. if the entire site is covered, then must query about individual resources
17:29:13 [schunter]
q?
17:29:16 [dsinger]
q+
17:29:25 [tl]
+q
17:29:30 [npdoty]
ack rigo
17:29:31 [Zakim]
rigo, you wanted to tell that it reverts the direction of the protocol
17:30:28 [tedleung]
i think rigo was saying that this is similar to what p3p does and that we should look at p3p if we go this direction.
17:31:03 [npdoty]
ack fielding
17:31:38 [tl]
I do not have any of Rigo's confusion, and I didn't have any on my first read of Roy's proposal.
17:32:01 [rigo]
because you haven't read the P3P Specification yet
17:32:04 [johnsimpson]
which is easier to implement? header or well-known URI
17:32:17 [aleecia]
P3P will cause confusion :-)
17:32:43 [tl]
This is not P3P
17:33:08 [johnsimpson]
q?
17:33:31 [tedleung]
this is different from p3p in that it is not general purpose
17:33:41 [johnsimpson]
q+
17:33:43 [tedleung]
(tl and fielding on that last comment)
17:34:13 [schunter]
Rigo: Well-known location only works for simple sites.
17:34:14 [aleecia]
Rigo: well-known location seems simple, but then we add more to it and it gets complicated.
17:34:31 [schunter]
99% of target sites were too complicated to properly model/express in a single location
17:35:05 [tedleung]
it's not about the fields that you send, it's about the fixed location
17:35:06 [schunter]
My take: Federated sites may have difficulties managing a well-known URI for all its pieces.
17:35:12 [tl]
Completely disagree with Rigo's assertion.
17:35:22 [schunter]
Easier for page-author to send a header, too?
17:35:27 [sean]
sean has joined #dnt
17:35:43 [npdoty]
probably depends on the page-author's particular infrastructure
17:35:46 [aleecia]
…but the content at the well-known lot can be dynamic, right? Not sure what Rigo means here?
17:36:02 [tedleung]
claim is that sites cannot react to the DNT value and is therefore not dynamic
17:36:09 [tedleung]
(not understanding his argument)
17:36:15 [schunter]
q?
17:36:41 [npdoty]
ack npdoty
17:36:41 [Zakim]
npdoty, you wanted to comment on requesting before making a request
17:37:36 [tedleung]
npdoty is asking about querying the well known uri before retrieving a resource
17:37:57 [tedleung]
because of things like cookies
17:37:58 [aleecia]
so P3P had a bootstrapping problem because P3P was used to block things. DNT is not envisioned that way. Does bootstrapping matter?
17:37:59 [rigo]
http://www.w3.org/TR/P3P11/#safezone
17:38:08 [rigo]
is what Roy is currently tallking about
17:38:11 [tedleung]
fielding: server must not track the well known uri space
17:38:19 [schunter]
q?
17:39:07 [aleecia]
the Referer piece here is actually interesting (re: safe zone)
17:39:42 [rigo]
I think this is providing additional information and could convey the P3P semantics and also the additional compliance semantics if need be
17:40:16 [tedleung]
npdoty: in the case of a bad server, sending cookies to it (even in the well known uri space) is what you don't want to do
17:40:38 [tedleung]
aleecia: asks to walk through roy's proposal using facebook like button as example
17:41:15 [rigo]
the protocol Roy suggests is here: http://www.w3.org/TR/P3P11/#Well_Known_Location
17:42:31 [tedleung]
fielding: browser is in pre query mode. browser checks it's list of whether it has checked this uri before. query to wellknown uri of ny times returns a list of affiliated servers, facebook like button is not on the list
17:43:18 [tedleung]
and like button is then a 3rd party
17:43:41 [tedleung]
aleecia; now click on like button
17:44:36 [tedleung]
fielding: that's a new user initiated request, so now a 1st party, if client doesn't have tracking policy for facebook, then it will query facebook's well-known URI for policy.
17:45:02 [npdoty]
clicking on the like button would likely have a different tracking status than when loading the like button, right?
17:45:39 [tedleung]
tracking status resource specifies the scope of the covered uri
17:45:48 [aleecia]
zakim, mute me
17:45:48 [Zakim]
aleecia should now be muted
17:47:13 [aleecia]
I wonder if this would be an instructive example to walk through for both proposals. My concern is that cache and sites that can be 1st or 3rd parties always works correctly, in both cases. Certainly the well known URI content can be dynamic
17:47:29 [schunter]
q?
17:47:32 [aleecia]
But does that work with multiple users read the same URI?
17:47:36 [schunter]
ack aleecia
17:47:43 [aleecia]
zakim, mute me
17:47:43 [Zakim]
aleecia should now be muted
17:48:01 [dsinger]
I think the problem only arises with resources that are sometimes 1st and sometimes 3rd party. do referer headers help?
17:48:10 [npdoty]
I think Roy is suggesting that tracking JavaScript like that should initiate xhr requests in a different part of the URI space
17:48:50 [tedleung]
tl is asking about the effects of caching the tracking policy information obtained from the well known uris. concern is about objects like like button which switch back and forth between 1st and 3rd parties
17:49:22 [WileyS]
bad actors will be bad actors - thought we agreed to overly build the standard to try to stop bad actors - they'll find ways around anything we build
17:49:36 [WileyS]
"...agreed to NOT overly build..."
17:50:04 [tedleung]
tl: if i am very nefaries, the js for the like button can call some other piece of code, like flash or java, which might not make an http request which could checked by querying the well known uri
17:50:36 [jchester2]
yes
17:50:41 [aleecia]
Shane: I'm not concerned so much about malice as are we accidentally specifying how things work at a technical level
17:50:49 [aleecia]
+1 for use cases
17:50:51 [tedleung]
schunter: still looking for pros and cons vs headers; also would like to see a walkthrough of some more use cases, using both headers and the well known uri
17:50:55 [npdoty]
yes, it seems like walking through details of some use cases will be important for us
17:51:00 [jchester2]
+1 for use cases
17:51:06 [tedleung]
+1 for use cases
17:51:32 [dsinger]
q?
17:52:04 [aleecia]
Is that good use of group time, or one-on-one? (I'm not sure at all)
17:52:12 [tedleung]
tl wants to have proposal / counter proposal with roy
17:52:52 [tedleung]
schunter wants to build a matrix of pros cons between the various proposals, driven by use cases
17:52:53 [aleecia]
like
17:52:57 [tedleung]
+1
17:53:25 [schunter]
q?
17:53:36 [aleecia]
I'm set
17:53:42 [npdoty]
ack dsinger
17:53:43 [schunter]
ack dsinger
17:54:08 [fielding]
I'd love to have more use cases inside the TPE spec.
17:54:55 [schunter]
4 steps: 1: Use casese; 2: Implementation sketches using both technologies; 3: compare approaches using a table (possibly in wiki)
17:55:31 [tedleung]
dsinger is asking about the privacy of querying the well known uri. is the goal that it is always safe to fetch this uri?
17:55:34 [tedleung]
fielding: yes
17:55:35 [aleecia]
Use cases I'd find helpful for both implementations:
17:55:38 [schunter]
q?
17:55:44 [npdoty]
ack tl
17:55:44 [schunter]
ack tl
17:55:48 [johnsimpson]
zakim, unmute me
17:55:48 [Zakim]
johnsimpson should no longer be muted
17:55:50 [aleecia]
- first party that doesn't do any tracking whatsoever
17:55:57 [tl]
-q
17:56:04 [npdoty]
ack johnsimpson
17:56:15 [aleecia]
- first party with dynamic third parties (e.g. ads)
17:56:29 [tedleung]
johnsimpson is asking which method is easier to implement
17:56:32 [rigo]
dsinger, look at http://www.w3.org/TR/P3P11/#safezone for requirements for fetching WKL
17:56:34 [aleecia]
- first party with a third party promoted to first party (e.g. Like button)
17:56:42 [aleecia]
anything else that would be helpful?
17:56:58 [dsinger]
headers for sites that do no tracking is a simple change to the server config file, no?
17:56:59 [tedleung]
well known uri is easier for sites to deploy because the implemention is external from the existing machinery of their sites
17:57:00 [npdoty]
I think it may vary depending on your particular implementation
17:57:19 [schunter]
I created ISSUE-127 to moderate this comparison...
17:57:20 [schunter]
q?
17:57:28 [aleecia]
David, I do think some of this is very simple -- I was trying to start with "hello world" for use cases there
17:57:28 [alex]
q+
17:57:32 [tedleung]
header field is easier to implement on the user agent side, but it learns the tracking status after it actually makes the request
17:57:51 [aleecia]
+1
17:57:53 [npdoty]
+1
17:58:23 [rigo]
fielding, look at http://www.w3.org/2010/09/raggett-fresh-take-on-p3p/
17:58:25 [npdoty]
(that is, +1 on asking for public input on these different proposals)
17:58:34 [aleecia]
schunter: let's include both in draft
17:58:48 [tedleung]
schunter thinks we should also ask for public input by including both proposals in the draft
17:58:49 [johnsimpson]
+1
17:58:50 [dsinger]
I think both proposals have the nature that the complexity of implementation is proportional to the complexity of tracking, which is good
17:58:53 [npdoty]
I thought we were just looking at the more recent header proposal
17:58:56 [aleecia]
roy: currently both in document
17:59:20 [tedleung]
schunter would also like a call with tl and fielding to synchronize on the fields
17:59:22 [aleecia]
david, +1
17:59:25 [Zakim]
-[Microsoft]
17:59:58 [npdoty]
yeah, the fields won't be completely identical, but the exceptions area in particular may be good to synchronize
18:00:01 [rigo]
exactly what Roy is saying: Scope of the declaration
18:00:05 [tedleung]
fielding is unsure the field synchronization is possible
18:00:11 [schunter]
q?
18:00:12 [rigo]
+1 to take offline
18:00:16 [tedleung]
field synchronization discussion to go offline
18:00:24 [npdoty]
ack alex
18:01:18 [fielding]
http://www.w3.org/2011/tracking-protection/drafts/tracking-dnt.html#status-caching
18:01:24 [tedleung]
alex - do we need to include language to address user-agent caching?
18:01:58 [tl]
If only HTTP provided for detailed descriptions of cacheability?
18:02:03 [Zakim]
- +1.562.865.aadd
18:02:41 [tl]
+q
18:02:57 [rigo]
the scope of the statement is different. A response to a DNT is on the request
18:03:00 [aleecia]
q?
18:03:02 [npdoty]
ack tl
18:03:07 [rigo]
the WKL is scoped on all requests
18:03:30 [sean]
super robot!
18:03:43 [aleecia]
everyone loves giant robots
18:03:48 [tedleung]
schunter: plan is to publish both proposals in next WD, work out pros and cons matrix via use cases
18:03:54 [dsinger]
I think we need to understand the uses cases, pluses and minuses before we even decide whether we want one winner, or ...
18:04:01 [npdoty]
action: schunter to collect use cases for well-known-uri/response-header
18:04:01 [trackbot]
Created ACTION-128 - Collect use cases for well-known-uri/response-header [on Matthias Schunter - due 2012-02-29].
18:04:11 [aleecia]
david, that seems right to me too
18:04:29 [tedleung]
first round of use cases due by end of the week
18:04:56 [fielding]
action: fielding to remove old response header proposal from TPE so that there is just one header proposal
18:04:56 [trackbot]
Created ACTION-129 - Remove old response header proposal from TPE so that there is just one header proposal [on Roy Fielding - due 2012-02-29].
18:05:40 [Zakim]
-dsriedel
18:06:33 [aleecia]
agenda?
18:06:39 [aleecia]
- Details for site-specific exeptions:
18:06:39 [aleecia]
https://www.w3.org/2011/tracking-protection/track/issues/113
18:06:39 [aleecia]
https://www.w3.org/2011/tracking-protection/track/issues/112
18:06:39 [aleecia]
https://www.w3.org/2011/tracking-protection/track/issues/111
18:07:04 [npdoty]
Zakim, close agendum 2
18:07:04 [Zakim]
agendum 2, Any comments on minutes:, closed
18:07:05 [Zakim]
I see 4 items remaining on the agenda; the next one is
18:07:05 [Zakim]
3. Review of overdue action items [from aleecia]
18:07:08 [npdoty]
Zakim, close agendum 3
18:07:08 [Zakim]
agendum 3, Review of overdue action items, closed
18:07:09 [Zakim]
I see 3 items remaining on the agenda; the next one is
18:07:09 [Zakim]
4. .Discussion of pending review ISSUES [from aleecia]
18:07:10 [WileyS]
+q
18:07:11 [tedleung]
next: issues on site specific exceptions
18:07:19 [tl]
+q
18:07:22 [npdoty]
Zakim, take up agendum 4
18:07:22 [Zakim]
agendum 4. ".Discussion of pending review ISSUES" taken up [from aleecia]
18:07:30 [npdoty]
Topic: site-specific exceptions issues
18:07:36 [Zakim]
- +1.510.501.aaff
18:08:09 [WileyS]
I'd like to make the case for DNT:2 if possible
18:08:14 [Haakon]
Haakon has left #dnt
18:08:16 [schunter]
q?
18:08:20 [jchester2]
Issue 112 goes to heart of First and Third party issues, and requires indepth discussion
18:08:30 [tl]
I'd like to make the case against DNT:2.
18:08:38 [Zakim]
-Hakon
18:08:40 [npdoty]
q?
18:08:57 [tedleung]
issue-111?
18:08:57 [trackbot]
ISSUE-111 -- Different DNT value to signify existence of site-specific exception -- pending review
18:08:57 [trackbot]
http://www.w3.org/2011/tracking-protection/track/issues/111
18:08:58 [schunter]
q?
18:09:03 [npdoty]
ack WileyS
18:09:12 [jchester2]
I have to sign off, unfortunately, due to conflict. I hope we can address 112 next week
18:09:21 [Zakim]
-jchester2
18:09:36 [npdoty]
it's the current proposal from WileyS, and it's mentioned as in open issue in the draft
18:10:37 [schunter]
q?
18:10:45 [fielding]
the issue is noted in both 4.1 and 6.5
18:10:57 [npdoty]
within JavaScript
18:12:30 [npdoty]
do you want DNT:2 to be a promise that the user agent has persisted all the permissions that were requested the last time?
18:13:00 [tedleung]
argument for dnt:2 is to reduce the amount of polling for site-specific exceptions
18:13:15 [fielding]
q+
18:13:27 [npdoty]
s/argument/WileyS: argument/
18:13:40 [npdoty]
ack tl
18:14:02 [vincent_]
npdoty, that's not what I understand, it's rather to know that at least one exception exist for this site
18:14:10 [tedleung]
tl constant polling allows user agent to make very robust choices about when it prompts users and how long to store exceptions
18:14:21 [npdoty]
I agree, vincent_, but I'm not sure that's Shane's use case
18:14:29 [schunter]
action: schunter to collect use-cases for URI vs Response header
18:14:30 [trackbot]
Created ACTION-130 - Collect use-cases for URI vs Response header [on Matthias Schunter - due 2012-02-29].
18:14:38 [npdoty]
s/tl constant/tl: constant/
18:14:56 [schunter]
action: fielding to sketch use case implementation for URI
18:14:56 [trackbot]
Created ACTION-131 - Sketch use case implementation for URI [on Roy Fielding - due 2012-02-29].
18:15:10 [rigo]
I don't understand why the UA doesn't send DNT=0 if a site specific exception has been granted?
18:15:11 [WileyS]
+q
18:15:11 [schunter]
action: tl to sketch use case implementation for URI
18:15:11 [trackbot]
Sorry, amibiguous username (more than one match) - tl
18:15:11 [trackbot]
Try using a different identifier, such as family name or username (eg. tleung2, tlowenth)
18:15:40 [WileyS]
Disagree - remember this will happen on every single page request from a DNT:1 user
18:15:42 [schunter]
action: tlowenth to sketch use case implementation for Response Headers
18:15:42 [trackbot]
Created ACTION-132 - Sketch use case implementation for Response Headers [on Thomas Lowenthal - due 2012-02-29].
18:15:48 [tedleung]
tl: overhead this polling is not any worse than some of the ajax style traffic that is used to provide a rich experience on the web today
18:16:07 [Zakim]
- +1.202.637.aahh
18:16:19 [schunter]
action: schunter to collect comparison criteria and summarize comparison in URIvsHeaders table
18:16:19 [trackbot]
Created ACTION-133 - Collect comparison criteria and summarize comparison in URIvsHeaders table [on Matthias Schunter - due 2012-02-29].
18:16:23 [npdoty]
I don't think tl is referring to ajax style network traffic, but use of javascript on the client
18:17:09 [npdoty]
fielding, are you on the queue to describe cookies as the way to maintain state?
18:17:21 [fielding]
no
18:17:37 [npdoty]
q+ to suggest cookies
18:17:46 [rigo]
roy, why aren't they sending DNT=0 after exception?
18:18:06 [rigo]
and maintain state in the browser (client-side)
18:18:42 [tedleung]
WileyS: DNT:2 is in addition to DNT:1 and would be a should not a must. Full user control is still present with DNT:1
18:18:45 [npdoty]
ack fielding
18:19:13 [tedleung]
fielding: isn't client going to be sent DNT:0 if there is a site specific exception?
18:19:27 [tedleung]
WileyS: no, DNT:0 doesn't cover the site specific exception case
18:20:18 [tedleung]
WileyS: the question is when do we poll for site specific exceptions
18:20:49 [npdoty]
my understanding is that the first-party will continue to receive DNT:1 when some of the third-parties might be receiving exceptions
18:21:04 [rigo]
the scope of DNT=2 is going far beyond the request and will create all sorts of complexities and issues IMHO
18:21:07 [npdoty]
tl: one or more gets DNT:2, or when all of them?
18:21:24 [tedleung]
WileyS: my conception of DNT:2 is that one or more of the first party's 3rd parties have been granted a site specific exception
18:22:02 [rigo]
q?
18:22:31 [fielding]
note that none of these details are present in the issue
18:22:40 [vincent_]
wait, how do you know you polled me since you added your last third party if you can't track me?
18:22:59 [rigo]
why doesn't the third party poll the user themselves?
18:23:28 [rigo]
so the first party only wants to give content if the third party tracking is allowed and needs communications to know that
18:24:16 [schunter]
It is information that tells the site ¨this guy sent DNT;1, have I received exceptions that continues my site to operate?¨
18:24:44 [rigo]
in this case, DNT=2 means that requests are only allowed if all exceptions are granted
18:24:51 [Zakim]
- +1.212.565.aapp
18:25:19 [schunter]
I believe that ´does not my site still work´ is a valid question/concern.
18:25:28 [tedleung]
npdoty: if the UA only grant exceptions for some of the 3rd parties, what DNT value is that?
18:25:29 [rigo]
whatif the UA just does not request that content from the third party at all?
18:25:48 [aleecia]
(5 minutes left on this call)
18:26:17 [npdoty]
< 1ms, presumably, for a JS call, right?
18:27:39 [npdoty]
agenda?
18:29:36 [npdoty]
we definitely have some confusion here :)
18:29:44 [schunter]
Ideas how to clarify?
18:29:48 [schunter]
Email?
18:29:54 [tedleung]
make it hard to scribe
18:30:12 [npdoty]
WileyS: better if the user agent does it because it's faster
18:30:23 [rigo]
tl suggests to send a different javascript depending on whether the service received DNT=1 or DNT=0
18:30:27 [WileyS]
Suggest we take this offline
18:30:29 [npdoty]
fielding: but your server constructing different JavaScript based on a different value would actually be much slower
18:30:40 [npdoty]
WileyS: but don't want to do this JavaScript polling on every page
18:30:41 [fielding]
I can see the desire, but given the fact that a user agent can change preferences at any time and that the server cannot trust the 2 being sent anyway if it depends on it, the DNT:2 proposal is not useful.
18:30:55 [WileyS]
Versus polling and adding polling overhead on every single request
18:31:13 [npdoty]
tl: executing the JavaScript is also on the client side, super fast!
18:32:13 [ChrisPedigoOPA]
q+
18:32:16 [npdoty]
q-
18:32:21 [npdoty]
q- WileyS
18:32:24 [schunter]
q?
18:33:03 [aleecia]
Sorry, hard stop for me today. Off I go.
18:33:04 [WileyS]
Email is fine
18:33:06 [npdoty]
ack ChrisPedigoOPA
18:33:49 [npdoty]
I think we should wrap-up and continue in email
18:33:51 [schunter]
Our goal must be to implement Shane´s requirement in the most efficient way
18:33:58 [WileyS]
Let's document the full use case and we can come back to discuss after that
18:34:29 [schunter]
+1
18:34:43 [ChrisPedigoOPA]
+1
18:34:50 [WileyS]
I have to jump - apologies - really want to stay. Look forward to the email chain! :-)
18:35:11 [Zakim]
-PederMagee
18:35:13 [npdoty]
Zakim, close this agendum
18:35:13 [Zakim]
agendum 4 closed
18:35:14 [Zakim]
I see 2 items remaining on the agenda; the next one is
18:35:14 [Zakim]
5. Timeline to next public document release [from aleecia]
18:35:35 [npdoty]
schunter: by next week, polish the document so it's presentable to the public
18:35:50 [Zakim]
- +1.206.619.aaoo
18:35:50 [npdoty]
... take a quick look next week to make sure we're okay releasing the next draft to the public
18:36:07 [npdoty]
... if the issues are closed, remove them, other issues remain in the doc
18:36:15 [npdoty]
fielding: okay
18:36:15 [Zakim]
-Chapell
18:36:24 [Zakim]
- +1.408.349.aagg
18:36:26 [Zakim]
- +1.202.744.aakk
18:36:37 [tedleung]
npdoty: thanks for the help
18:37:01 [Zakim]
-Rigo
18:37:02 [dsinger]
…regrets he is still behind-hand with the emails...
18:37:02 [Zakim]
-eberkower
18:37:05 [Zakim]
-alex
18:37:06 [Zakim]
-Nokia
18:37:07 [Zakim]
-johnsimpson
18:37:07 [dsinger]
thx all
18:37:08 [Zakim]
-Helena
18:37:08 [Zakim]
-rvaneijk
18:37:10 [Zakim]
-dsinger
18:37:12 [npdoty]
thanks to tedleung for scribing
18:37:12 [Zakim]
- +1.206.369.aall
18:37:13 [Zakim]
-tl
18:37:15 [johnsimpson]
johnsimpson has left #DNT
18:37:15 [Zakim]
-aleecia
18:37:17 [Zakim]
-[Microsoft.a]
18:37:19 [tedleung]
tedleung has left #dnt
18:37:19 [Zakim]
- +1.617.733.aaii
18:37:23 [vm]
vm has left #dnt
18:37:23 [npdoty]
Zakim, list attendees
18:37:23 [Zakim]
As of this point the attendees have been aleecia, tl, rvaneijk, npdoty, +1.202.684.aaaa, +1.646.654.aabb, +1.202.637.aacc, +1.562.865.aadd, Rigo, PederMagee, eberkower,
18:37:27 [Zakim]
... johnsimpson, schunter, +1.978.944.aaee, +1.510.501.aaff, jchester2, [Microsoft], +1.408.349.aagg, +1.202.637.aahh, aadd, VikramMalaiya, +1.617.733.aaii, Helena,
18:37:27 [Zakim]
... +1.408.423.aajj, +1.202.744.aakk, +1.206.369.aall, +1.813.366.aamm, dsriedel, +1.408.423.aann, alex, +1.206.619.aaoo, dsinger, fielding, Hakon, BrianTs, Chapell,
18:37:29 [Zakim]
... +1.212.565.aapp
18:37:30 [rigo]
rigo has left #dnt
18:37:31 [Zakim]
-fielding
18:37:38 [Zakim]
-aadd.a
18:37:41 [npdoty]
rrsagent, draft minutes
18:37:41 [RRSAgent]
I have made the request to generate http://www.w3.org/2012/02/22-dnt-minutes.html npdoty
18:37:49 [schunter]
action: fielding to cleanup document to produce next public version of TPE
18:37:49 [trackbot]
Created ACTION-134 - Cleanup document to produce next public version of TPE [on Roy Fielding - due 2012-02-29].
18:38:02 [npdoty]
rrsagent, make logs world
18:38:21 [npdoty]
Chair: schunter
18:38:31 [npdoty]
Meeting: Tracking Protection Working Group teleconference
18:39:06 [npdoty]
rrsagent, draft minutes
18:39:06 [RRSAgent]
I have made the request to generate http://www.w3.org/2012/02/22-dnt-minutes.html npdoty
18:39:13 [npdoty]
Zakim, bye
18:39:13 [Zakim]
leaving. As of this point the attendees were aleecia, tl, rvaneijk, npdoty, +1.202.684.aaaa, +1.646.654.aabb, +1.202.637.aacc, +1.562.865.aadd, Rigo, PederMagee, eberkower,
18:39:13 [Zakim]
Zakim has left #dnt
18:39:16 [Zakim]
... johnsimpson, schunter, +1.978.944.aaee, +1.510.501.aaff, jchester2, [Microsoft], +1.408.349.aagg, +1.202.637.aahh, aadd, VikramMalaiya, +1.617.733.aaii, Helena,
18:39:16 [Zakim]
... +1.408.423.aajj, +1.202.744.aakk, +1.206.369.aall, +1.813.366.aamm, dsriedel, +1.408.423.aann, alex, +1.206.619.aaoo, dsinger, fielding, Hakon, BrianTs, Chapell,
18:39:17 [Zakim]
... +1.212.565.aapp
18:39:26 [schunter]
action: wiley to detail use case for ISSUE-111 (DNT;2)
18:39:26 [trackbot]
Created ACTION-135 - Detail use case for ISSUE-111 (DNT;2) [on Shane Wiley - due 2012-02-29].
18:40:51 [schunter]
action: Propose simplified set of fields for URI and response headers
18:40:51 [trackbot]
Sorry, couldn't find user - Propose
18:41:08 [schunter]
action: Schunter to Propose simplified set of fields for URI and response headers
18:41:08 [trackbot]
Created ACTION-136 - Propose simplified set of fields for URI and response headers [on Matthias Schunter - due 2012-02-29].
18:43:43 [karl]
karl has joined #dnt
19:14:29 [npdoty]
rrsagent, bye
19:14:29 [RRSAgent]
I see 11 open action items saved in http://www.w3.org/2012/02/22-dnt-actions.rdf :
19:14:29 [RRSAgent]
ACTION: schunter to collect use cases for well-known-uri/response-header [1]
19:14:29 [RRSAgent]
recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-04-01
19:14:29 [RRSAgent]
ACTION: fielding to remove old response header proposal from TPE so that there is just one header proposal [2]
19:14:29 [RRSAgent]
recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-04-56
19:14:29 [RRSAgent]
ACTION: schunter to collect use-cases for URI vs Response header [3]
19:14:29 [RRSAgent]
recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-14-29
19:14:29 [RRSAgent]
ACTION: fielding to sketch use case implementation for URI [4]
19:14:29 [RRSAgent]
recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-14-56
19:14:29 [RRSAgent]
ACTION: tl to sketch use case implementation for URI [5]
19:14:29 [RRSAgent]
recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-15-11-1
19:14:29 [RRSAgent]
ACTION: tlowenth to sketch use case implementation for Response Headers [6]
19:14:29 [RRSAgent]
recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-15-42
19:14:29 [RRSAgent]
ACTION: schunter to collect comparison criteria and summarize comparison in URIvsHeaders table [7]
19:14:29 [RRSAgent]
recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-16-19
19:14:29 [RRSAgent]
ACTION: fielding to cleanup document to produce next public version of TPE [8]
19:14:29 [RRSAgent]
recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-37-49
19:14:29 [RRSAgent]
ACTION: wiley to detail use case for ISSUE-111 (DNT;2) [9]
19:14:29 [RRSAgent]
recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-39-26
19:14:29 [RRSAgent]
ACTION: Propose simplified set of fields for URI and response headers [10]
19:14:29 [RRSAgent]
recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-40-51
19:14:29 [RRSAgent]
ACTION: Schunter to Propose simplified set of fields for URI and response headers [11]
19:14:29 [RRSAgent]
recorded in http://www.w3.org/2012/02/22-dnt-irc#T18-41-08
19:14:36 [npdoty]
trackbot, bye
19:14:36 [trackbot]
trackbot has left #dnt