Request Privacy Review of Navigation Timing Level 2

Hi,

The WebPerf WG is working on a new version of the Navigation Timing 
spec:
   https://www.w3.org/TR/navigation-timing-2/

Most of the L2 features have been implemented by the major browsers.
[[
Navigation Timing 2 replaces the first version of [NAVIGATION-TIMING] 
and includes the following changes:

* the definition of Performance interface was moved to 
[PERFORMANCE-TIMELINE-2];
* builds on top of [RESOURCE-TIMING-2];
* support for [PERFORMANCE-TIMELINE-2];
* support for [HR-TIME-2];
* support for prerender navigations [RESOURCE-HINTS];
* exposes number of redirects since the last non-redirect navigation;
* exposes next hop network protocol;
* exposes transfer, encoded body and decoded body size information;
* secureConnectionStart attribute is now mandatory.
]]

The L2 spec contains a privacy consideration section, which introduces 
the timing allow check algorithm defined in the Resource Timing L2 spec.
   https://www.w3.org/TR/navigation-timing-2/#privacy
[[
There is the potential for disclosing an end-user's browsing and 
activity history by using carefully crafted timing attacks. For 
instance, the unloading time reveals how long the previous page takes to 
execute its unload handler, which could be used to infer the user's 
login status. These attacks have been mitigated by enforcing the timing 
allow check algorithm when timing information involving the previous 
navigation is accessed. [RESOURCE-TIMING-2]

The relaxed same origin policy doesn't provide sufficient protection 
against unauthorized visits across documents. In shared hosting, an 
untrusted third party is able to host an HTTP server at the same IP 
address but on a different port.
]]

Please let us know if there are any new concerns for the Navigation 
Timing API before the end of January, either by 
email <public-web-perf@w3.org> or GitHub issues 
<https://github.com/w3c/navigation-timing/>.

Thanks.

-xiaoqian

Received on Friday, 14 December 2018 14:00:19 UTC
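
The following is an added example, not part of the original message or of the spec text it quotes: a simplified model of the timing allow check that the quoted privacy section relies on, showing that a page on the same host but a different port is a different origin and gets zeroed previous-navigation timing unless it is opted in via Timing-Allow-Origin. The function names, the set of gated fields, the URLs and the timing values are all assumptions made for illustration.

```javascript
// Simplified model of the timing allow check (Resource Timing L2) guarding
// previous-navigation fields. All URLs and timing values are constructed.

// Attributes that describe the previous navigation (assumed set for this model).
const PREVIOUS_NAVIGATION_FIELDS = [
  "unloadEventStart", "unloadEventEnd",
  "redirectStart", "redirectEnd", "redirectCount",
];

// Serialized origin: scheme, host and port all take part in the comparison.
function originOf(url) {
  return new URL(url).origin;
}

// Pass when same origin, or when Timing-Allow-Origin lists the requesting
// origin (case-sensitive match) or the "*" wildcard.
function timingAllowCheck(resourceUrl, documentUrl, timingAllowOrigin) {
  const requester = originOf(documentUrl);
  if (originOf(resourceUrl) === requester) return true;
  if (typeof timingAllowOrigin !== "string") return false;
  const allowed = timingAllowOrigin.split(",").map((v) => v.trim());
  return allowed.includes("*") || allowed.includes(requester);
}

// Return a copy of the entry with previous-navigation fields zeroed on failure.
function exposeEntry(entry, previousUrl, documentUrl, timingAllowOrigin) {
  if (timingAllowCheck(previousUrl, documentUrl, timingAllowOrigin)) {
    return { ...entry };
  }
  const redacted = { ...entry };
  for (const field of PREVIOUS_NAVIGATION_FIELDS) redacted[field] = 0;
  return redacted;
}

// Constructed sample: previous page on port 8080, current page on port 443.
const sampleEntry = {
  unloadEventStart: 12.5, unloadEventEnd: 48.0,
  redirectStart: 0, redirectEnd: 0, redirectCount: 0,
  domInteractive: 310.2,
};
const crossPort = exposeEntry(
  sampleEntry, "https://shared.example:8080/account", "https://shared.example/", undefined);
const optedIn = exposeEntry(
  sampleEntry, "https://shared.example:8080/account", "https://shared.example/",
  "https://shared.example");
console.log(crossPort.unloadEventEnd, optedIn.unloadEventEnd);
```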