W3C home > Mailing lists > Public > public-html-commits@w3.org > August 2009

html5/webstorage Overview.html,1.64,1.65

From: Ian Hickson via cvs-syncmail <cvsmail@w3.org>
Date: Mon, 17 Aug 2009 23:01:57 +0000
To: public-html-commits@w3.org
Message-Id: <E1MdBDB-00023r-S3@lionel-hutz.w3.org>
Update of /sources/public/html5/webstorage
In directory hutz:/tmp/cvs-serv7909

Modified Files:
	Overview.html 
Log Message:
Add a note about it being important that data get deleted promptly. (whatwg r3649)

Index: Overview.html
===================================================================
RCS file: /sources/public/html5/webstorage/Overview.html,v
retrieving revision 1.64
retrieving revision 1.65
diff -u -d -r1.64 -r1.65
--- Overview.html	17 Aug 2009 02:15:16 -0000	1.64
+++ Overview.html	17 Aug 2009 23:01:55 -0000	1.65
@@ -265,7 +265,8 @@
  <li><a href="#privacy"><span class="secno">6 </span>Privacy</a>
   <ol>
    <li><a href="#user-tracking"><span class="secno">6.1 </span>User tracking</a></li>
-   <li><a href="#cookie-resurrection"><span class="secno">6.2 </span>Cookie resurrection</a></ol></li>
+   <li><a href="#cookie-resurrection"><span class="secno">6.2 </span>Cookie resurrection</a></li>
+   <li><a href="#sensitivity-of-data"><span class="secno">6.3 </span>Sensitivity of data</a></ol></li>
  <li><a href="#security"><span class="secno">7 </span>Security</a>
   <ol>
    <li><a href="#dns-spoofing-attacks"><span class="secno">7.1 </span>DNS spoofing attacks</a></li>
@@ -749,7 +750,11 @@
   separately from data in HTTP session cookies, then users are likely
   to delete data in one and not the other. This would allow sites to
   use the two features as redundant backup for each other, defeating a
-  user's attempts to protect his privacy.<h2 id="security"><span class="secno">7 </span>Security</h2><h3 id="dns-spoofing-attacks"><span class="secno">7.1 </span>DNS spoofing attacks</h3><p>Because of the potential for DNS spoofing attacks, one cannot
+  user's attempts to protect his privacy.<h3 id="sensitivity-of-data"><span class="secno">6.3 </span>Sensitivity of data</h3><p>User agents should treat persistently stored data as potentially
+  sensitive; it's quite possible for e-mails, calendar appointments,
+  health records, or other confidential documents to be stored in this
+  mechanism.<p>To this end, user agents should ensure that when deleting data,
+  it is promptly deleted from the underlying storage.<h2 id="security"><span class="secno">7 </span>Security</h2><h3 id="dns-spoofing-attacks"><span class="secno">7.1 </span>DNS spoofing attacks</h3><p>Because of the potential for DNS spoofing attacks, one cannot
   guarantee that a host claiming to be in a certain domain really is
   from that domain. To mitigate this, pages can use SSL. Pages using
   SSL can be sure that only pages using SSL that have certificates
Received on Monday, 17 August 2009 23:02:06 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 17 August 2009 23:02:10 GMT