Re: June Change Proposal: Issues 132, 151, 153 from Nicholas Doty on 2013-06-26 (public-tracking@w3.org from June 2013)

From: Nicholas Doty <npdoty@w3.org>
Date: Wed, 26 Jun 2013 01:14:23 -0700
To: Lee Tien <tien@eff.org>
Cc: "public-tracking@w3.org public-tracking@w3.org" <public-tracking@w3.org>
Message-Id: <E7845425-F000-45C2-8BF1-5C6FA5F1CF4E@w3.org>

I believe most of these are aimed at the Tracking Preference Expression document (though our lines are a little blurry on some UA compliance issues). I'm not entirely sure, then, whether we should track these as change proposals; regarding ISSUE-151 and MAY on the exception API might be the most relevant case. To provide some context on the three issues you mention:

The TPE prohibits modification by intermediaries unless "specifically installed or configured to do so by the user making the requests".

Currently the JavaScript Exceptions API is not optional in the TPE, and the Compliance document's Scope section references that part explicitly. If it's important that the section in the Compliance document be changed, please write up an alternative text proposal, which might be as simple as: remove the last clause (3) of the Scope section.

I suspect the text in the TPE editors' draft roughly matches your intention regarding ISSUE-153:
> Software outside of the user agent that causes a DNT header to be sent (or causes existing headers to be modified) MUST NOT do so without ensuring that the requirements of this section are met; such software also MUST ensure the transmitted preference reflects the individual user's preference. 

Hope this helps,
Nick

On Jun 25, 2013, at 6:50 PM, Lee Tien <tien@eff.org> wrote:

> I am not sure the June Draft addresses these, but this is what I propose--not sure where they go.
> 
> 132  An intermediary or hosting provider MUST NOT modify a DNT signal.
> 
> 151  A user agent MAY implement the exception API.
> 
> 153  Software that modifies, but does not initiate, a network interaction MUST adhere to the same standards as software that initiates a network interaction.
> 
> (This is scoped as follows according to the issue tracker:
> 
> “Cases out of scope of this issue:
> - Browser plugins are not considered since they are part of the UA
> - SW that modifies the browser behavior (e.g., via registry changes) is technically also part of the UA (should the UA protect itself?)
> 
> Use cases considered were:
> - A proxy DNT handler for non-DNT browsers
> - An enterprise proxy that implements a corporate policy
> - A home router that handles DNT for a family
> - A internet provider intermediary (configurable by subscribers) that implements DNT within the network”)
> 
> -- 
> Lee Tien
> Senior Staff Attorney
> Electronic Frontier Foundation
> 815 Eddy Street
> San Francisco, CA 94109
> (415) 436-9333 x 102 (tel)
> (415) 436-9993 (fax)
> tien@eff.org

Received on Wednesday, 26 June 2013 08:14:32 UTC