W3C home > Mailing lists > Public > public-web-intents@w3.org > November 2011

Web Intents: Opacity

From: timeless <timeless@gmail.com>
Date: Tue, 22 Nov 2011 17:22:02 -0500
Message-ID: <CAACrNNf+PKO7UgG6Oi=GFy2gYmvAWrAV1cmVqRHU=yLcj9SRYQ@mail.gmail.com>
To: WebIntents <public-web-intents@w3.org>
Cc: Greg Billock <gbillock@google.com>
On Tue, Nov 22, 2011 at 2:28 PM, Greg Billock <gbillock@google.com> wrote:
>>> ยง2 Opacity

> Even same-origin requests to see if the service is registered could be
> misused as a (weak) cookie.

Indeed

> Something that may become ergonomically helpful and be an acceptable
> tradeoff is a client ability to request whether any services at all are
> registered for a particular action/type. I'm leery even of that, though.

I'm rather strongly opposed to even that. It took us years to address
a:visited, it's too easy to discover if someone has been somewhere and
abuse that knowledge.
Received on Tuesday, 22 November 2011 22:22:29 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:14:45 UTC