Re: [compute-pressure] "Rate-limiting change notifications" section is confusing (#291)

What about something like:

11.2.2 Rate-limiting change notifications

By rate-limiting the delivery of the pressure state information we remove the attacker's ability to observe the precise time when a value transitions between two states.

More precisely, once the pressure observer is activated, it will be called once with initial values, and then is called when the values change. The subsequent calls will be rate-limited. When the callback is called, the most recent value is reported.
The specification will recommend a rate limit of at most one update per second, though this is [=implementation-defined=]. We will also recommend that the call timings are jittered across contexts such as workers and the main thread.

These measures benefit the user's privacy, by reducing the risk of identifying a device across multiple origins. The rate-limiting also benefits the user's security, by making it difficult to use this API for timing attacks. Last, rate-limiting change callbacks places an upper bound on the performance overhead of this API.

The rate limiting should be disabled during automation and for testing purposes, for reliable and quickly passing tests.
Rate limiting can be implemented in the user agent, but it might also be possible to simply change the polling/sampling rate of the underlying hardware counters, if not accessed via a higher-level framework.


-- 
GitHub Notification of comment by kenchris
Please view or discuss this issue at https://github.com/w3c/compute-pressure/issues/291#issuecomment-2376167672 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Thursday, 26 September 2024 07:41:23 UTC
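
The delivery behaviour described in the proposed text above (one initial call, then rate-limited calls that report only the most recent value), as an added example that is not part of the original comment, the specification or any user agent. It is a deterministic simulation; the function name, option names, the way jitter is modelled and the sample timeline are assumptions made for illustration.

```javascript
// Added example (not from the spec or any user agent). simulateDeliveries,
// minIntervalMs and jitterMs are hypothetical names chosen for illustration.
function simulateDeliveries(samples, opts = {}) {
  const { minIntervalMs = 1000, jitterMs = 0, random = Math.random } = opts;
  const deliveries = [];
  let lastDelivered;            // state most recently reported to the observer
  let nextAllowed = -Infinity;  // earliest time the next callback may run
  let pending = null;           // newest state seen while the window was closed

  const deliver = (time, state) => {
    deliveries.push({ time, state });
    lastDelivered = state;
    // Assumption: jitter is modelled as a random extension of each window.
    nextAllowed = time + minIntervalMs + Math.floor(random() * jitterMs);
    pending = null;
  };

  for (const { time, state } of samples) {
    // The window opened before this sample arrived: report the held value.
    if (pending !== null && nextAllowed < time) deliver(nextAllowed, pending);

    if (deliveries.length === 0) deliver(time, state);   // initial values
    else if (state === lastDelivered) pending = null;    // change reverted
    else if (time >= nextAllowed) deliver(time, state);  // window is open
    else pending = state;                                // keep only the newest
  }
  if (pending !== null) deliver(nextAllowed, pending);
  return deliveries;
}

// Constructed timeline (ms since the observer was activated); sample values only.
const CONSTRUCTED_SAMPLES = [
  { time: 0, state: "nominal" },
  { time: 120, state: "fair" },      // held, then overwritten
  { time: 300, state: "serious" },   // real transition at 300, reported at 1000
  { time: 1400, state: "nominal" },  // short blip inside a closed window
  { time: 1450, state: "serious" },  // back to the reported state: blip hidden
  { time: 2600, state: "critical" }, // window open, reported immediately
];

console.log(simulateDeliveries(CONSTRUCTED_SAMPLES));
```

In this timeline the observer never sees "fair" or the 50 ms return to "nominal", and the transition that really happened at 300 ms is reported at 1000 ms, which is the loss of timing precision the proposed section describes.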