- From: Thomas Roessler <tlr@w3.org>
- Date: Tue, 26 May 2009 19:52:22 +0200
- To: Andrei Popescu <andreip@google.com>
- Cc: Greg Bolsinga <bolsinga@apple.com>, Doug Turner <doug.turner@gmail.com>, Rigo Wenning <rigo@w3.org>, public-geolocation <public-geolocation@w3.org>
On 26 May 2009, at 19:33, Andrei Popescu wrote: >> So, let's take a step back here. >> >> Are you objecting against having *any* privacy considerations in >> the spec? >> Or are you objecting against having a MUST in normative language? >> >> As I said early on in this thread, I could live with text along the >> lines of >> what I proposed included as non-normative implementation guidance >> (or a >> "strong should", or something like that), distinct from conformance >> requirements, *if* that helps to get clear guidance on privacy into >> the >> specification. It was Andrei who brought up the point that the >> privacy >> considerations are currently meant to be normative. >> >> Care to elaborate? >> > > My impression is that the existing wording (location permissions must > not be granted without user consent and users must be able to revoke > sticky permissions) was agreed by everyone and are normative. What we > are discussing here are the extensions you suggested: > > 1. User agents must inform the user when Web applications acquire > location information based on a consent granted previously. > 2. User agents should limit the scope of authorizations in time by > asking for re-authorization in certain intervals. These extensions can be discussed as: 1. Normative language with a MUST (which I'm seeing opposition against) 2. Normative language with a SHOULD (which I saw Hixie and Lars Erik suggest earlier) 3. Non-normative guidance (which I'd be willing to accept, as I said earlier; in that case, I'd like to re-add the examples and elaborate a bit more on the text) My question is whether there is opposition against 2 or 3.
Received on Tuesday, 26 May 2009 17:52:30 UTC