Re: Review of Security & Privacy text in current editor's draft

Good comments. Questioned inline below:


On May 11, 2009, at 7:37 PM, Richard Barnes wrote:

> Hey all,
>
> Sorry for the late comments, but I've just gotten back around to  
> reviewing the Security and Privacy Considerations section in the  
> current working draft.
>
> One general comment is that this text indicates how privacy flags  
> for retention and retransmission would be useful.

<snip>

I teased those ideas out of the geopriv flags.  I do not think that  
the actual implementation of those flags is good for the web (as I  
mentioned elsewhere: http://www.w3.org/2008/12/08-geolocation-minutes),  
but hopefully I summarized at least two of the points that  
were raised (retention and re-transmittal).

Did you have a specific comment on the text used?


> <rlb> I'm puzzled by all these references to HTML 5 when this  
> document will clearly be used in the HTML 4 context. </rlb>


Same.  I think Alissa also brought up this point -- referring to a  
spec that hasn't been completed is bad business.  The point here is  
that we need to define how permission should work -- should it be  
based on the complete URI, the host, some part of the URI, etc.  I  
wonder if the RFC2396 |HOST| will be okay?


> Some User Agents will have prearranged trust relationships that do  
> not require such user interfaces. For example, a Web browser will  
> present a user interface when a Web site performs a geolocation  
> request. However, a VOIP telephone may not present any user  
> interface when using location information to perform an E911 function.
>
> <rlb> I'm concerned that people will view this paragraph as a  
> loophole.  It seems like this could be restricted to simply the  
> emergency case: In non-emergency applications, there is time for the  
> user to authorize the UA to provide location (by definition!).  
> Suggested text:
> "
> In some emergency applications, a User Agent may be prevented from  
> obtaining a user's consent, either by the need to respond quickly to  
> an emergency or by regulatory constraints.  Before providing  
> location without user consent, the User Agent must have received an  
> explicit indication that the recipient of location is an emergency  
> application (the mechanism for this indication is outside the scope  
> of this document).  When such an indication is not present (the  
> usual case), the User Agent must acquire express user permission  
> before providing location.
> "
> (... plus, delete the text above: "unless they have prearranged  
> trust relationships with users, as described below")
> </rlb>

I think I am more scared of your wording than of mine. :-)   
Specifically the part about "or by regulatory constraints" and then  
defining what an emergency is as out of scope.

OOC, we talk about user agents being anything that uses the web.  Is  
there a term that talks about the common web browser such that we can  
say something like:  Web browsers MUST acquire express user  
permission.  Non-web browsers SHOULD require user permission?

--
Doug Turner

Received on Tuesday, 12 May 2009 03:40:28 UTC
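The question raised in the message above (key the permission on the complete URI, the RFC2396 host, or something in between) is easier to reason about with the three choices side by side. The following is an added example, not code from the thread or from any W3C draft; the PermissionStore class, the policy names "host", "origin" and "uri", and the sample URLs are all constructed for illustration. It grants location to one page under each policy and then reports which other pages inherit that grant. Keying on the host alone lets a plain-http page and a page on another port inherit a grant the user made to an https page, which is the usual argument for keying on the full origin (scheme, host, port) rather than the host.

```javascript
// Added example (not from the W3C geolocation thread): compare three
// hypothetical ways of keying a geolocation permission grant.
//   "host"   - RFC 2396 host only (what the message wonders about)
//   "origin" - scheme + host + port (same-origin style keying)
//   "uri"    - the complete URI minus its fragment
// Uses the WHATWG URL class that Node.js provides as a global.

function permissionKey(urlString, policy) {
  const u = new URL(urlString);
  switch (policy) {
    case 'host':
      return u.hostname.toLowerCase();
    case 'origin':
      // URL.origin drops userinfo, path and query, lowercases the host
      // and omits the scheme's default port.
      return u.origin;
    case 'uri':
      u.hash = ''; // fragments never reach the server, so ignore them
      return u.href;
    default:
      throw new Error('unknown policy: ' + policy);
  }
}

// Hypothetical store: a grant is a set membership test on the key.
class PermissionStore {
  constructor(policy) {
    this.policy = policy;
    this.granted = new Set();
  }
  grant(urlString) {
    this.granted.add(permissionKey(urlString, this.policy));
  }
  isGranted(urlString) {
    return this.granted.has(permissionKey(urlString, this.policy));
  }
}

// Constructed sample input: the page the user approved, then pages that
// share some but not all of its URI components.
const APPROVED = 'https://maps.example.com/map?zoom=3#here';
const PROBES = {
  samePageOtherFragment: 'https://maps.example.com/map?zoom=3#there',
  samePageOtherQuery:    'https://maps.example.com/map?zoom=9',
  sameOriginOtherPath:   'https://maps.example.com/share',
  httpDowngrade:         'http://maps.example.com/map?zoom=3',
  otherPort:             'https://maps.example.com:8443/map?zoom=3',
  otherSubdomain:        'https://evil.example.com/map?zoom=3',
};

// For each policy, grant APPROVED and report which probes inherit it.
// Returns { policy: { probeName: boolean } }.
function compare(policies = ['host', 'origin', 'uri']) {
  const out = {};
  for (const p of policies) {
    const store = new PermissionStore(p);
    store.grant(APPROVED);
    out[p] = {};
    for (const [name, url] of Object.entries(PROBES)) {
      out[p][name] = store.isGranted(url);
    }
  }
  return out;
}

console.log(JSON.stringify(compare(), null, 2));
```

Run with `node example.js`. Under "host" every probe except the other subdomain is granted, including the http downgrade; under "origin" the http and alternate-port pages are refused; under "uri" only the same page with a different fragment is granted, which is too narrow to survive ordinary navigation within a site.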