This repository has been archived by the owner on Nov 7, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 7
/
goals.bsinc
53 lines (37 loc) · 2.75 KB
/
goals.bsinc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
# Attacker goals # {#goals}
These are things [=attackers=] want to accomplish.
## User metrics within a single site ## {#goals-metrics}
### Click tracking ### {#goal-click-tracking}
A site wants to know which of its links a user clicks on.
## Tracking ## {#goals-tracking}
[[tracking-dnt]] defines "tracking" as the collection of data regarding a
particular user's activity across multiple distinct contexts and the retention,
use, or sharing of data derived from that activity outside the context in which
it occurred. A context is a set of resources that are controlled by the same
party or jointly controlled by a set of parties. The following are building
blocks that allow a tracker to build such a log of a user's activity.
### Transfer user ID from publisher 1 to publisher 2 on navigation. ### {#goal-transfer-userid}
When the user clicks a link from [=publisher=] 1 that navigates to [=publisher=]
2, publisher 2's server learns that a [=user ID=] on publisher 2 and a [=user ID=] on
publisher 1 represent the same [=user=].
### Transfer user ID from tracker to that tracker running within a publisher, on navigation. ### {#goal-userid-tracker-to-self-in-pub}
When the user clicks a link from `tracker.example` to `publisher.example`, that
[=tracker's=] server learns that a [=user ID=] for either `publisher.example` or
the tracker running within `publisher.example` and a [=user ID=] for
`tracker.example` represent the same [=user=].
### Transfer user ID from tracker within publisher 1 to that tracker within publisher 2, on navigation. ### {#goal-userid-tracker-in-pub1-to-self-in-pub2}
When the user clicks a link from `publisher1.example` (where a tracker was
embedded within that site) to `publisher2.example` (which has the same tracker
embedded), that [=tracker's=] server learns that a [=user ID=] for either
`publisher1.example` or the tracker running within `publisher1.example` and a
[=user ID=] for either `publisher2.example` or the tracker running within
`publisher2.example` represent the same [=user=].
### Probabilistically transfer user ID from publisher 1 to publisher 2 on navigation. ### {#goal-prob-transfer-userid}
When the user clicks a link from [=publisher=] 1 that navigates to [=publisher=]
2, publisher 2's server learns that a [=user ID=] on publisher 2 and a [=user ID=] on
publisher 1 are more likely than chance to represent the same [=user=].
### Probabilistically transfer user ID from publisher 1 to publisher 2 without navigation. ### {#goal-prob-transfer-userid-no-nav}
While the user is visiting [=publisher=] 1, that publisher can tell
[=publisher=] 2 that a [=user ID=] on publisher 2 and a [=user ID=] on publisher
1 are more likely than chance to represent the same [=user=], without requiring
the user to navigate from publisher 1 to publisher 2.