Re: [w3c/webpayments] Add mention of private browsing as insufficient (#253)

@danyao commented on this pull request.



> @@ -149,6 +150,10 @@ <h2>
         cards (e.g., business and personal) belong to the same individual, the
         user should make use of two profiles.
         </li>
+        <li>Although "private browsing mode" may help mitigate some of the
+        threats described here, we do not consider it a sufficient mitigation
+        strategy.
+        </li>
         <li>Most browsers are moving in the direction of double-keyed
         partitioning, whatever the storage mechanism.
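
Review bot: The new list item states that private browsing mode is not "a sufficient mitigation strategy" without giving a reason or saying which of "the threats described here" it leaves unaddressed. Suggest adding a short clause naming what remains exposed, or a pointer to the relevant threat in this section, so a reader can evaluate the claim. The term "private browsing mode" is also in quotes but undefined; a brief definition or a reference would help, since the item sits next to statements about what "most browsers" do.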

Since we're in the vicinity... I think we might need to double-check the accuracy of this statement. "Double-keyed partitioning" may be true for cookies, but AFAIK, it's not yet true for other types of storage. I'm also not following why this needs to be an assumption? (Sorry, my memory is failing me...)

-- 
https://github.com/w3c/webpayments/pull/253#pullrequestreview-397674860

Received on Tuesday, 21 April 2020 21:06:15 UTC