- From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- Date: Thu, 3 Aug 2017 08:02:58 +0100
- To: Guilherme Hermeto <gui.hermeto@gmail.com>, ietf-http-wg@w3.org
Received on Thursday, 3 August 2017 07:14:13 UTC
On 03/08/17 07:34, Guilherme Hermeto wrote: > Browsers ask for the user permission to use the Gelolocation API and even > though the user gives the consent once, some clients keep tracking the user > for long after. So the potential for abuse already exists in the client. It > isn't being introduced on this proposal. I don't see that as a good argument for increasing the potential for abuse. That seems like making an attack surface bigger, which'd normally be regarded as a bad plan. Separately, as a happy NoScript user, I'd also prefer to not have yet another attack vector to have to worry about. S.
Received on Thursday, 3 August 2017 07:14:13 UTC