- From: <jg@w3.org>
- Date: Tue, 26 Mar 96 18:01:43 -0500
- To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
The following sections is intended to emphasize the privacy problems that have been coming up with client implementations (e.g. Javascript problem) that are not careful about the information stored inside themselves. Comments to me, Jim Gettys Add to Section 14.4: ------------------- HTTP clients are often privy to large amounts of personal information (e.g. the user's name, location, mail address, passwords, encryption keys, etc.), and should be very careful to prevent unintentional leakage of this information via the HTTP protocol to other sources. We suggest, though do not require, that a convenient interface be provided for the user to control dissemination of such information, and that designers and implementors be particularly careful in this area. History shows that errors in this area are often both serious security and/or privacy problems, and often generate very adverse publicity for the implemetor's company.
Received on Tuesday, 26 March 1996 15:06:15 UTC