- From: Mike O'Neill <michael.oneill@baycloud.com>
- Date: Mon, 2 Sep 2013 09:58:00 +0100
- To: <public-tracking@w3.org>
- Cc: "'Chris Mejia'" <chris.mejia@iab.net>, "Rigo Wenning" <rigo@w3.org>
Received on Monday, 2 September 2013 08:58:34 UTC
Other W3C groups are working on cross-platform standards for web apps. Web apps need access to device interfaces for such things as telephony, geo-location and contact lists so "certified" apps are being defined which those that would have access to such "sensitive" APIs. A certified app is cryptographically signed by an organisation such as an app webstore to prove it has been vetted. I wonder if we could leverage this approach to help solve the "valid DNT signal" problem. If the DNT signal (general pref. as well as the site-specific exception) could be managed by an API that was only available to certified applications, and we could agree the parameters to decide what institutions could make vetting decisions, maybe that would help us reach consensus. These certified apps could be hosted or packaged, and could reside in UAs (built-in). As it stands only packaged apps are certifiable right now but hosted apps could have this facility also (signing the manifest?) , and so why not simple web sites. Mike
Received on Monday, 2 September 2013 08:58:34 UTC