- From: SULLIVAN, BRYAN L <bs3131@att.com>
- Date: Fri, 10 Jan 2014 05:36:25 +0000
- To: "'Nicholas Doty'" <npdoty@w3.org>, Josh Soref <jsoref@blackberry.com>, "Frederick.Hirsch@nokia.com" <Frederick.Hirsch@nokia.com>
- CC: DAP <public-device-apis@w3.org>
(Nick wrote) > I think there's a privacy concern in using the pattern of fired events, too. If we expect background access to these events (because your podcast web app needs to know whether it should stop downloading into localStorage or not), simultaneously firing an event across frames/tabs/windows allows for potentially unexpected correlation across different browsing contexts. <bryan> Background (meaning any browser/window/tab not in the foreground) access to the events is desired. Many always-on app use cases will depend upon background operation, and these are many of the same (e.g. feed readers, email, SocNet) that would benefit from network-event-driven sync. But I don't know what you mean/imply by "simultaneously firing an event across frames/tabs/windows allows for potentially unexpected correlation across different browsing contexts". Can you explain this further, and associate it so some real/prevalent privacy attack? Such info would be good to capture on the wiki, if it ends up influencing the design of the API.
Received on Friday, 10 January 2014 05:37:20 UTC