- From: Thomas Roessler <tlr@w3.org>
- Date: Wed, 27 May 2009 17:42:54 +0200
- To: Andrei Popescu <andreip@google.com>
- Cc: Anne van Kesteren <annevk@opera.com>, Greg Bolsinga <bolsinga@apple.com>, Doug Turner <doug.turner@gmail.com>, Rigo Wenning <rigo@w3.org>, public-geolocation <public-geolocation@w3.org>
On 27 May 2009, at 17:34, Andrei Popescu wrote: > On Wed, May 27, 2009 at 4:27 PM, Anne van Kesteren > <annevk@opera.com> wrote: >> On Wed, 27 May 2009 16:26:57 +0200, Thomas Roessler <tlr@w3.org> >> wrote: >>> On 27 May 2009, at 16:15, Andrei Popescu wrote: >>>> For clarity, I would propose avoiding RFC2119 keywords in this >>>> section. We could instead say: >>> >>> I'm not particularly happy with that step, in particular since the >>> section is already clearly labelled as non-normative, and since the >>> phrase in question puts a burden on implementors -- instead of >>> listing a >>> requirement that implementations should conform to. >> >> Please, no RFC 2119 terminology in non-normative prose. That is >> very confusing. >> > > Agreed. While I'll note that actually following the editorial conventions from RFC 2119 would immensely help avoiding that confusion, I can live with the following instead (phrased more as an analysis and not so much as a requirement on implementors): > When users grant authorization to specific sites interactively, > there is a risk that this happens inadvertently, or that the user's > intent with respect to a given site changes over time despite the > user's initial intent to grant consent. Mechanisms to limit users' > exposure to privacy risks out of such situations include: ...
Received on Wednesday, 27 May 2009 15:43:02 UTC