Snipping aggressively to get to a piece that I think is important. Happy to continue chatting about anything I cut, but I don't think we're diametrically opposed on any of it. :) On Fri, Feb 22, 2019 at 8:22 PM Pete Snyder <psnyder@brave.com> wrote: > The common goal in these changes is to increase the privacy of browsing on > the web _between the server(s) and the client_, and at a high level aiming > for the goal of websites not being able to identify the user without the > user’s intent. This framing feels too narrow, and I hope that the group can produce a document that speaks to this class of privacy threats _as well as_ other classes. Backing up a bit, it seems like there are three large groups of threats: 1. Privacy with regard to data stored on a user's local machine (caches, DOM storage, history information, MotW, etc). 2. Privacy with regard to the browser's interaction with websites (cookies, fingerprinting, web APIs, etc). 3. Privacy with regard to the browser's non-webby features, especially those that make use of users' data (e.g. address bar integrations, telemetry engines, ad networks, safe browsing, payment systems, password managers, etc). I hope that the group wouldn't limit itself to the second of these when defining "privacy mode". It seems like folks can reasonably make tradeoffs in all three categories (and, really, there might be more categories I'm not thinking of!). -mike
Received on Monday, 25 February 2019 09:27:03 UTC