- From: Lukasz Olejnik <notifications@github.com>
- Date: Fri, 02 Aug 2019 01:24:05 -0700
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Friday, 2 August 2019 08:24:28 UTC
Hello, The proposal requires a security and privacy assessment, and the questionnaire filled. Notably it would be necessary to see through these (among others): - It seems you would need clear permissions for this use - I don't think http/https is the main security issue here - Possible risk of bypassing multifactor auth with this automated scheme? - I don't think that fingerprinting/etc is the main privacy risk here - Risk of private SMS hijacked by an origin? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/391#issuecomment-517608841
Received on Friday, 2 August 2019 08:24:28 UTC