Re: Batch closing of issues (ISSUE-144, ISSUE-187, ISSUE-190, ISSUE-173, ISSUE-138) [pls Respond by Jan 30]

Hi Jonathan,


I discussed the newish model with Nick and Shane and IMHO they are both 
OK with it if we ensure that the following is spelled out in the spec:
- User agents MAY notify users of stored exceptions
- User agents MAY confirm exceptions with users before enacting them 
(e.g., before storing them into the DB)
- User agents MAY at any time adjust stored exceptions to reflect 
potentially changed user preferences

We discussed whether any of those should be worded as a "SHOULD" and 
Nick's point was that
he believes that a MAY may be OK since browsers (who usually defend 
their users) will implement effective measures
if they deem the risk of sites storing inappropriate exceptions high 
enough.

Nevertheless, I will see what other arguments will be raised this week 
(or in response to this message).


Regards,
matthias



On 11/02/2013 20:38, Jonathan Mayer wrote:
> ISSUE-190: We have agreed on a technical mechanism for conveying 
> multiple first parties.  We have not, however, agreed on whether that 
> mechanism MUST or merely MAY be used.  I'm indifferent to whether that 
> keeps this ISSUE open or requires a new ISSUE.
>
> ISSUE-144 and ISSUE-187: I will likely be unable to call into 
> Wednesday's session.  I've previously articulated my concerns about 
> the new(ish) exception model.  I prefer the original direction.
>
> Jonathan
>
> On Monday, February 11, 2013 at 1:14 PM, Matthias Schunter (Intel 
> Corporation) wrote:
>
>> Hi Team,
>>
>> fyi: I have closed ISSUEs 190, 173, 138
>> I have left ISSUE-144 and ISSUE-187 open for our Wednesday discussion.
>>
>> Regards,
>> matthias
>>
>> On 21/01/2013 08:07, Matthias Schunter (Intel Corporation) wrote:
>>> Hi Team,
>>>
>>> I suggest to batch-close the issues listed below that have been marked
>>> PENDING REVIEW for a while.
>>> If you disagree with my proposal to close any of those issues, please
>>> respond by Wednesday, Jan 30.
>>>
>>> Regards,
>>> matthias
>>> --------------------------------
>>> ISSUE-138: Web-Wide Exception Well Known URI
>>> http://www.w3.org/2011/tracking-protection/track/issues/138
>>>
>>> The issue was how to obtain exceptions without Javascript-able
>>> real-estate. Our discussions are reflected in Section 6.8 of the
>>> current spec and (unless someone objects), I plan to close ISSUE-138.
>>> --------------------------------
>>> ISSUE-144: User-granted Exceptions: Constraints on user agent behavior
>>> while granting and for future requests?
>>> http://www.w3.org/2011/tracking-protection/track/issues/144
>>>
>>> IMHO, the new approach to exceptions has removed the requirements on
>>> the user agent.
>>> As a consequence, I believe we can close this issue.
>>> --------------------------------
>>> ISSUE-187: What is the right approach to exception handling?
>>> http://www.w3.org/2011/tracking-protection/track/issues/187
>>>
>>> During the last call, I validated that there is a general preference
>>> for pursuing our rivised approach to exceptions (where the sites
>>> records preference and the UA may double-check it with the user). All
>>> participants can live with this approach.
>>> I suggest to close ISSUE-187.
>>> ----------------------------------
>>> ISSUE-190: Sites with multiple first parties
>>> http://www.w3.org/2011/tracking-protection/track/issues/190
>>>
>>> Roy has proposed changes as response to ACTION-328 and (unless there
>>> are objections), I suggest to implement the changes suggested:
>>> http://lists.w3.org/Archives/Public/public-tracking/2012Nov/0004.html
>>>
>>> -----------------------------------
>>> ISSUE-173: The TPE uses "top-level domain" in a sense that is not the
>>> normal meaning
>>> http://www.w3.org/2011/tracking-protection/track/issues/173
>>>
>>> AFAIK, David Singer has introduced the corresponding bug fixes to the
>>> spec. This ISSUE has thus been resolved and can be closed.
>