Re: [csswg-drafts] [css-fonts] incorporate mitigations for font based fingerprinting (#4055)

(arriving late at this thread)

Seems to me that beyond the specific discussion around fonts, there's an underlying meta question: **should specific mitigations be baked into specifications?**

If we examine font fingerprinting as an example, it seems like this is a place where browsers' anti-fingerprinting efforts can develop extremely smart solutions to reduce the entropy exposed (e.g. block only "rare" fonts for some definition of rare, track scripts that enumerate them either offline or online - with or without a Privacy Budget, etc). 

Baking-in specific mitigations as MUST requirements seems like something that can stifle innovation on that front that can benefits users on the privacy, performance and usability fronts. 

The fact that even proponents of baking-in mitigations are not sure *which* mitigations we want to bake-in emphasizes that point.

The same is true for other specifications where the PING has tried to propose mitigations without any evidence as to why they'd actually help users effectively. 

That makes me believe that we need a wider discussion between the PING, TAG, and WG chairs & members to get a better understanding of the trade-offs between well-defined, frozen-in-time, formal mitigations and UA-defined ones. 


-- 
GitHub Notification of comment by yoavweiss
Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/4055#issuecomment-538634352 using your GitHub account

Received on Saturday, 5 October 2019 09:38:51 UTC