html5/webstorage Overview.html,1.75,1.76 from Ian Hickson via cvs-syncmail on 2009-09-14 (public-html-commits@w3.org from September 2009)

From: Ian Hickson via cvs-syncmail <cvsmail@w3.org>
Date: Mon, 14 Sep 2009 07:38:31 +0000
To: public-html-commits@w3.org
Message-Id: <E1Mn68t-0001Cy-Rn@lionel-hutz.w3.org>
Update of /sources/public/html5/webstorage
In directory hutz:/tmp/cvs-serv4630

Modified Files:
	Overview.html 
Log Message:
Tidy up the cookie resurrection text. (whatwg r3838)

Index: Overview.html
===================================================================
RCS file: /sources/public/html5/webstorage/Overview.html,v
retrieving revision 1.75
retrieving revision 1.76
diff -u -d -r1.75 -r1.76
--- Overview.html	8 Sep 2009 21:58:33 -0000	1.75
+++ Overview.html	14 Sep 2009 07:38:29 -0000	1.76
@@ -265,8 +265,7 @@
  <li><a href="#privacy"><span class="secno">6 </span>Privacy</a>
   <ol>
    <li><a href="#user-tracking"><span class="secno">6.1 </span>User tracking</a></li>
-   <li><a href="#cookie-resurrection"><span class="secno">6.2 </span>Cookie resurrection</a></li>
-   <li><a href="#sensitivity-of-data"><span class="secno">6.3 </span>Sensitivity of data</a></ol></li>
+   <li><a href="#sensitivity-of-data"><span class="secno">6.2 </span>Sensitivity of data</a></ol></li>
  <li><a href="#security"><span class="secno">7 </span>Security</a>
   <ol>
    <li><a href="#dns-spoofing-attacks"><span class="secno">7.1 </span>DNS spoofing attacks</a></li>
@@ -676,14 +675,17 @@
    <dt>Treating persistent storage as cookies</dt>
    <dd>
 
-    <p>User agents should present the
+    <p>If users attempt to protect their privacy by clearing cookies
+    without also clearing data stored in the
+
     
-    persistent storage feature
-    to the user in a way that associates them strongly with HTTP
-    session cookies. <a href="#refsCOOKIES">[COOKIES]</a></p>
+    persistent storage
 
-    <p>This might encourage users to view such storage with healthy
-    suspicion.</p>
+    feature, sites can defeat those attempts by using the two features
+    as redundant backup for each other. User agents should present the
+    interfaces for clearing these in a way that helps users to
+    understand this possibility and enables them to delete data in all
+    persistent storage features simultaneously. <a href="#refsCOOKIES">[COOKIES]</a></p>
 
    </dd>
 
@@ -741,12 +743,7 @@
   retroactively). This information can then be shared with other
   sites, using using visitors' IP addresses and other user-specific
   data (e.g. user-agent headers and configuration settings) to combine
-  separate sessions into coherent user profiles.<h3 id="cookie-resurrection"><span class="secno">6.2 </span>Cookie resurrection</h3><p>If the user interface for persistent storage presents data in the
-  persistent storage features described in this specification
-  separately from data in HTTP session cookies, then users are likely
-  to delete data in one and not the other. This would allow sites to
-  use the two features as redundant backup for each other, defeating a
-  user's attempts to protect his privacy.<h3 id="sensitivity-of-data"><span class="secno">6.3 </span>Sensitivity of data</h3><p>User agents should treat persistently stored data as potentially
+  separate sessions into coherent user profiles.<h3 id="sensitivity-of-data"><span class="secno">6.2 </span>Sensitivity of data</h3><p>User agents should treat persistently stored data as potentially
   sensitive; it's quite possible for e-mails, calendar appointments,
   health records, or other confidential documents to be stored in this
   mechanism.<p>To this end, user agents should ensure that when deleting data,
Received on Monday, 14 September 2009 07:38:42 UTC