- From: Lukasz Olejnik (W3C) <lukasz.w3c@gmail.com>
- Date: Sun, 31 Jan 2016 15:30:14 +0000
- To: Philippe Le Hegaret <plh@w3.org>
- Cc: "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Received on Sunday, 31 January 2016 15:30:43 UTC
Hello > [[ > 8. Privacy and Security > > Cache attacks and statistical fingerprinting is a privacy and security > concern where a malicious web site may use high resolution timing data of > various browser or application-initiated operations to identify a > particular user - see [CACHE-ATTACKS]. To mitigate such attacks, the > recommended minimum resolution of the Performance interface should be set > to 5 microseconds. > ]] > http://www.w3.org/TR/hr-time-2/#privacy-security Sometimes indentification may not be possible to achieve. But it can still allow "differentiation" between several users. Maybe it's worth to enhance the Considerations and add something along "identify as particular user, or differentiate between many users"? If that's not over-doing it. Thanks Lukasz > > > New issues are welcome at > https://github.com/w3c/hr-time/issues > > Thank you, > > Philippe > >
Received on Sunday, 31 January 2016 15:30:43 UTC