- From: <jg@w3.org>
- Date: Mon, 01 Apr 96 19:32:58 -0500
- To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Unless further comment is heard, this will be used to close out this issue. The following sections is intended to emphasize the privacy problems that have been coming up with client implementations (e.g. Javascript problem) that are not careful about the information stored inside themselves. The only comment was from Paul Leach on wording; I've adopted his change below. Comments to me, Jim Gettys Add to Section 14.4: ------------------- HTTP clients are often privy to large amounts of personal information (e.g. the user's name, location, mail address, passwords, encryption keys, etc.), and should be very careful to prevent unintentional leakage of this information via the HTTP protocol to other sources. We !very strongly recommend that a convenient interface be provided for the user to control dissemination of such information, and that designers and implementors be particularly careful in this area. History shows that errors in this area are often both serious security and/or privacy problems, and often generate very adverse publicity for the implemetor's company.
Received on Monday, 1 April 1996 16:35:54 UTC