Should plans for the UI of Private Browsing appear in this spec, or does it just cover the back-end?
Should the cache service be considered as well?
It seems like Safari also doesn't exclude cached data from its private browsing mode. I think the spec should be revised in order to include the cache service as well. --ehsan 10:21, 9 September 2008 (UTC)
should only focus on local traces, not remote tracking
I believe quite strongly that we should focus solely on preventing local traces from being left on the user's computer, and not attempt to provide partial protection against remote correlation of browsing activities. In the face of even IP address logging, to say nothing of ISP-side deep packet inspection, it's an extremely difficult problem to solve, and we would do our users a disservice by setting their expectations inappropriately.
Therefore, I think that we should read from existing cookies and cache entries, and not modify them persistently. That will provide the best browsing experience in terms of site functionality and performance, while still providing the desired protection.
(We may indeed want to find a way to purge the system DNS cache after leaving private browsing mode, per Ehsan's above comment.)