One more thought on this: > //------------------------------------------------------- > Additional implementation consideration > > This section is non-normative > > Further to the requirements listed in the previous section, > implementors of the Geolocation API are also advised to consider the > following aspects that may negatively affect the privacy of their > users: in certain cases, users may inadvertently grant permission to > the User Agent to disclose their location to Web sites. In other > cases, the content hosted at a certain URL changes in such a way that > the previously granted location permissions no longer apply as far as > a user is concerned. Or the users might simply change their mind. > > While predicting or preventing these situations is inherently > difficult, mitigation and in-depth defensive measures are an > implementation responsibility and not prescribed by this > specification. In designing these measures, implementers are advised > to enable user awareness of location sharing, and to provide easy > access to interfaces that enable revocation of permissions, even when > users have previously granted authorization. > //------------------------------------------------------- Would it be possible to say "revocation of global and per-origin permissions" in the last sentence? The first paragraph alludes to user concerns about specific sites, but I think it's worth making explicit that permission revocation should be thought of as a per-origin control in addition to a global control. Once I've authorized 100 sites, I shouldn't have to de-authorize them all just because I stop trusting one of them. AlissaReceived on Friday, 5 June 2009 15:11:56 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 7 December 2009 18:13:31 GMT