Re: "Incognito Mode" Feedback on "Self-Review Questionnaire: Security and Privacy"

+public-privacy@, who have been thinking along similar lines.

-mike

On Wed, Sep 28, 2016 at 8:23 PM, Ian Jacobs <ij@w3.org> wrote:

> Dear TAG,
>
> In the Web Payments Working Group, a task force reviewed some of our
> specifications using
> the checklist "Self-Review Questionnaire: Security and Privacy." Section
> 3.14 [1] refers to
> considerations when in “incognito mode.” We have two comments based on our
> experience.
>
> 1) The first is editorial: “Incognito Mode” is specific to Google.
> Although the term appears in quotes,
>    our feedback is that the checklist should probably use a generic term
> such as “private browsing
>    mode.”
>
> 2) The second is more substantive: because there is no standard behavior
> among browsers for
>      a private browsing mode, we did not feel we could offer standard
> guidance to developers
>      on how to manage payment app behavior in such a mode.
>
> Further clarity in the questionnaire would help us determine what, if
> anything, to add
> to our specification.
>
> Thank you,
>
> Adam Roach (Mozilla) and Ian Jacobs (W3C)
>
> [1] https://www.w3.org/TR/security-privacy-questionnaire/#incognito
>
> --
> Ian Jacobs <ij@w3.org>      http://www.w3.org/People/Jacobs
> Tel:                       +1 718 260 9447
>
>
>
>

Received on Wednesday, 28 September 2016 19:21:51 UTC