[geolocation-api] Security review: General observations (#57)

magnus-git has just created a new issue for https://github.com/w3c/geolocation-api:

== Security review: General observations ==
1. There is no option for a recipient to ask for a "fuzzy" location. A "fuzzy" location could be a location randomized within some, perhaps provided by the recipient, limits from the hosting device's actual location. Such "fuzzing" could help privacy in some scenarios. Just a suggestion.
2. There's also no option for a recipient to ask for an encrypted version of a location. This could potentially be useful to reduce the risk of some unauthorized party accessing the response (the key could be a key negotiated by a remote recipient or similar). Also just a suggestion / idea.
3. For E911-type scenarios, if the hosting device's location accuracy is below some threshold, it may be better not to send location information than to send erroneous locations?
4. It is unclear how the API implementation determines if a recipient is authorized or not, but perhaps this is covered elsewhere.
5. One could imagine recipients being given tokens once they have been authenticated and authorized for a certain level of accuracy in their responses. These tokens could have a lifetime of a session or longer, and could simplify or eliminate the need for repeated authorizations of recipients.
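The "fuzzy" location of item 1 and the accuracy threshold of item 3, as an added illustration written for this page (not code from the issue author, the Geolocation API specification or any browser). The parameter names, the coordinate values and the caller-side wrapper over a GeolocationCoordinates-shaped object are assumptions made for the example.

```javascript
// Added example, not part of the issue: coarsen a GeolocationCoordinates-shaped
// object before handing it to a recipient, and withhold it when the fix is too poor.
const EARTH_RADIUS_M = 6371000;

// Great-circle distance in metres between two lat/lon points (haversine).
function distanceMeters(a, b) {
  const toRad = (d) => (d * Math.PI) / 180;
  const dLat = toRad(b.latitude - a.latitude);
  const dLon = toRad(b.longitude - a.longitude);
  const h =
    Math.sin(dLat / 2) ** 2 +
    Math.cos(toRad(a.latitude)) * Math.cos(toRad(b.latitude)) * Math.sin(dLon / 2) ** 2;
  return 2 * EARTH_RADIUS_M * Math.asin(Math.sqrt(h));
}

// Returns a fuzzed copy of `coords`, or null if the fix should not be released.
//   fuzzRadiusMeters:  recipient-supplied limit on the random offset (item 1)
//   maxAccuracyMeters: withhold the location when reported accuracy exceeds this (item 3)
//   rng:               source of uniform [0,1) numbers; injectable so tests are deterministic
function fuzzCoordinates(coords, { fuzzRadiusMeters, maxAccuracyMeters, rng = Math.random }) {
  if (!(coords.accuracy <= maxAccuracyMeters)) {
    return null; // better to send nothing than an erroneous location
  }
  // Uniform point in a disk: sqrt on the radius keeps the density uniform, not centre-heavy.
  const r = fuzzRadiusMeters * Math.sqrt(rng());
  const theta = 2 * Math.PI * rng();
  const dNorth = r * Math.cos(theta);
  const dEast = r * Math.sin(theta);
  // Small-offset conversion from metres to degrees (flat-earth approximation is fine
  // for offsets of a few kilometres or less).
  const dLat = (dNorth / EARTH_RADIUS_M) * (180 / Math.PI);
  const cosLat = Math.cos((coords.latitude * Math.PI) / 180);
  const dLon = (dEast / (EARTH_RADIUS_M * cosLat)) * (180 / Math.PI);
  return {
    latitude: coords.latitude + dLat,
    longitude: coords.longitude + dLon,
    // Fold the fuzzing radius into the uncertainty the recipient is told about.
    accuracy: coords.accuracy + fuzzRadiusMeters,
  };
}

// Constructed sample fix (not real telemetry) for a quick stand-alone run.
const SAMPLE_FIX = { latitude: 48.8584, longitude: 2.2945, accuracy: 20 };
```

With the default `Math.random` the returned point lands anywhere within `fuzzRadiusMeters` of the original, and the reported `accuracy` grows by that radius so the recipient is not misled about the precision it receives.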

Please view or discuss this issue at https://github.com/w3c/geolocation-api/issues/57 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 10 August 2020 04:32:04 UTC