Re: Batch closing of issues (ISSUE-144, ISSUE-187, ISSUE-190, ISSUE-173, ISSUE-138) [pls Respond by Jan 30] from Jonathan Mayer on 2013-02-12 (public-tracking@w3.org from February 2013)

From: Jonathan Mayer <jmayer@stanford.edu>
Date: Mon, 11 Feb 2013 20:26:30 -0800
To: "Matthias Schunter (Intel Corporation)" <mts-std@schunter.org>
Cc: public-tracking@w3.org
Message-ID: <48222DCB6CFB4A6F903632B96F15A8EF@gmail.com>
Matthias, 

I'm glad to see progress on the technical elements of the new exception approach.  I look forward to working with the group on the unresolved compliance concerns that I and others have.  Without a meaningful consent standard, the new approach risks a race to the bottom in claimed consent.

Best,
Jonathan


On Monday, February 11, 2013 at 7:41 PM, Matthias Schunter (Intel Corporation) wrote:

> Hi Jonathan,
> 
> 
> I discussed the newish model with Nick and Shane and IMHO they are both OK with it if we ensure that the following is spelled out in the spec:
> - User agents MAY notify users of stored exceptions
> - User agents MAY confirm exceptions with users before enacting them (e.g., before storing them into the DB)
> - User agents MAY at any time adjust stored exceptions to reflect potentially changed user preferences
> 
> We discussed whether any of those should be worded as a "SHOULD" and Nick's point was that 
> he believes that a MAY may be OK since browsers (who usually defend their users) will implement effective measures
> if they deem the risk of sites storing inappropriate exceptions high enough. 
> 
> Nevertheless, I will see what other arguments will be raised this week (or in response to this message).
> 
> 
> Regards,
> matthias
> 
> 
> 
> On 11/02/2013 20:38, Jonathan Mayer wrote:
> > ISSUE-190: We have agreed on a technical mechanism for conveying multiple first parties.  We have not, however, agreed on whether that mechanism MUST or merely MAY be used.  I'm indifferent to whether that keeps this ISSUE open or requires a new ISSUE. 
> > 
> > ISSUE-144 and ISSUE-187: I will likely be unable to call into Wednesday's session.  I've previously articulated my concerns about the new(ish) exception model.  I prefer the original direction. 
> > 
> > Jonathan 
> > 
> > 
> > On Monday, February 11, 2013 at 1:14 PM, Matthias Schunter (Intel Corporation) wrote:
> > 
> > > Hi Team,
> > > 
> > > fyi: I have closed ISSUEs 190, 173, 138 
> > > I have left ISSUE-144 and ISSUE-187 open for our Wednesday discussion.
> > > 
> > > Regards, 
> > > matthias
> > > 
> > > On 21/01/2013 08:07, Matthias Schunter (Intel Corporation) wrote:
> > > > Hi Team,
> > > > 
> > > > I suggest to batch-close the issues listed below that have been marked 
> > > > PENDING REVIEW for a while.
> > > > If you disagree with my proposal to close any of those issues, please 
> > > > respond by Wednesday, Jan 30.
> > > > 
> > > > Regards, 
> > > > matthias
> > > > --------------------------------
> > > > ISSUE-138: Web-Wide Exception Well Known URI
> > > > http://www.w3.org/2011/tracking-protection/track/issues/138
> > > > 
> > > > The issue was how to obtain exceptions without Javascript-able 
> > > > real-estate. Our discussions are reflected in Section 6.8 of the 
> > > > current spec and (unless someone objects), I plan to close ISSUE-138.
> > > > --------------------------------
> > > > ISSUE-144: User-granted Exceptions: Constraints on user agent behavior 
> > > > while granting and for future requests?
> > > > http://www.w3.org/2011/tracking-protection/track/issues/144
> > > > 
> > > > IMHO, the new approach to exceptions has removed the requirements on 
> > > > the user agent.
> > > > As a consequence, I believe we can close this issue.
> > > > --------------------------------
> > > > ISSUE-187: What is the right approach to exception handling?
> > > > http://www.w3.org/2011/tracking-protection/track/issues/187
> > > > 
> > > > During the last call, I validated that there is a general preference 
> > > > for pursuing our rivised approach to exceptions (where the sites 
> > > > records preference and the UA may double-check it with the user). All 
> > > > participants can live with this approach.
> > > > I suggest to close ISSUE-187.
> > > > ----------------------------------
> > > > ISSUE-190: Sites with multiple first parties
> > > > http://www.w3.org/2011/tracking-protection/track/issues/190
> > > > 
> > > > Roy has proposed changes as response to ACTION-328 and (unless there 
> > > > are objections), I suggest to implement the changes suggested:
> > > > http://lists.w3.org/Archives/Public/public-tracking/2012Nov/0004.html
> > > > 
> > > > ----------------------------------- 
> > > > ISSUE-173: The TPE uses "top-level domain" in a sense that is not the 
> > > > normal meaning
> > > > http://www.w3.org/2011/tracking-protection/track/issues/173
> > > > 
> > > > AFAIK, David Singer has introduced the corresponding bug fixes to the 
> > > > spec. This ISSUE has thus been resolved and can be closed.
> > > > 
> > > > 
> > > 
> > > 
> > > 
> > > 
> > 
> > 
>
Received on Tuesday, 12 February 2013 04:26:54 UTC