[csswg-drafts] [css-color-4] Security Self-Review answers (#5499)

svgeesus has just created a new issue for https://github.com/w3c/csswg-drafts:

== [css-color-4] Security Self-Review answers ==
This issue contains the answers to questions posed in [Self-Review Questionnaire: Security and Privacy](https://www.w3.org/TR/security-privacy-questionnaire/) as they relate to the current draft of [CSS Color 4](https://drafts.csswg.org/css-color-4/#priv-sec) which is used to set the colors of various items on a Web page.

**What information might this feature expose to Web sites or other parties, and for what purposes is that exposure necessary?**
The [system colors](https://drafts.csswg.org/css-color-4/#css-system-colors) MAY expose user-chosen (in forced colors mode) or OS-chosen colors, as discussed in the [Security and Privacy Considerations](https://drafts.csswg.org/css-color-4/#priv-sec).

**Is this specification exposing the minimum amount of information necessary to power the feature?**
Yes, we believe so.

**How does this specification deal with personal information or personally-identifiable information or information derived thereof?**
No personally-identifiable information.

**How does this specification deal with sensitive information?**
This specification does not deal with financial data, credentials, health information, location, or credentials.

**Does this specification introduce new state for an origin that persists across browsing sessions?**
No.

**What information from the underlying platform, e.g. configuration data, is exposed by this specification to an origin?**
See discussion of system colors in [Security and Privacy Considerations](https://drafts.csswg.org/css-color-4/#priv-sec).

**Does this specification allow an origin access to sensors on a user’s device?**
No.

**What data does this specification expose to an origin? Please also document what data is identical to data exposed by other features, in the same or different contexts.**
None.

**Does this specification enable new script execution/loading mechanisms?**
No. It does allow linking to ICC profiles, but these are declarative and do not contain any scripting mechanism.

**Does this specification allow an origin to access other devices?**
No.

**Does this specification allow an origin some measure of control over a user agent’s native UI?**
Yes, to a limited extent the native UI could in theory be spoofed. See discussion of system colors in [Security and Privacy Considerations](https://drafts.csswg.org/css-color-4/#priv-sec).

**What temporary identifiers might this specification create or expose to the web?**
None.

**How does this specification distinguish between behavior in first-party and third-party contexts?**
No difference.

**How does this specification work in the context of a user agent’s Private Browsing or "incognito" mode?**
No difference.

**Does this specification have a "Security Considerations" and "Privacy Considerations" section?**
It has [one combined section](https://drafts.csswg.org/css-color-4/#priv-sec). Negative responses are not recorded, but are recorded in this issue.

**Does this specification allow downgrading default security characteristics?**
No.

**What should this questionnaire have asked?**
Nothing else springs to mind which would be relevant to this specification.




Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/5499 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Friday, 4 September 2020 16:59:35 UTC