Re: Geolocation header

On 04.08.2017 11:27, Luis Barguñó Jané wrote:
> Exactly the same as the server deciding whether to include JS to use 
> geolocation API.
but without JS on client side, this doesn't work and the server doesn't 
get anything;
and with the header proposal there is no 2nd safety layer

> My bad again, I was writing this e-mail as plain language.
> I agree with you. We MUST not introduce any new privacy risk, and a 
> proper standard should guarantee that.
should guarantee means no guarantee;   the standard MUST guarantee that, 
and when we talk about a standard that is similar to a law,
it MUST prevent anybody who doesn't conform to the standard ...

and a fallback MUST be provided, in other words a server MUST do either 
both the JS-API and the header proposal or only the JS-API,
because it can't be, that for a legit use case you have to buy a new 
"smartphone", because the server only does header proposal ...

so I ask you: does it really make a sense to have this header proposal?

Received on Friday, 4 August 2017 20:29:24 UTC