W3C home > Mailing lists > Public > public-privacy@w3.org > January to March 2021

Re: PING review issues tracker (was: Re: Cross-Spec Privacy/Security Risks)

From: Samuel Weiler <weiler@w3.org>
Date: Wed, 27 Jan 2021 07:41:35 -0500 (EST)
To: Matthew Finkel <matthew.finkel@gmail.com>
cc: public-privacy@w3.org
Message-ID: <26981097-31e-3281-5387-56e12caa27df@w3.org>
On Tue, 26 Jan 2021, Matthew Finkel wrote:

>> This page shows _open_ privacy review issues:
>> https://w3c.github.io/horizontal-issue-tracker/?repo=w3cping/tracking-issues
> Ah! Thank you, Sam! This isn't what I was imagining, but I think it's better in
> some ways. Is there any place where PING tracks privacy risks/considerations
> that are flagged in the spec but a tracking issue is not created? For example, a
> draft already says that some new functionality could be incorporated into a
> browser fingerprint, but an issue is not created for it, for whatever reason?

Our[*] self-review questionnaire and Nick's excellent fingerprinting 
doc are the repositories for such knowledge.  They track _types_ of 
privacy harm, though they're not complete catalogs of fingerprinting 
surface or other individual "leaks" in the platform.


If you see something that isn't identified in those documents, open an 
issue against one of them?

(There are some open issues already, including a request to add 
ephemeral fingerprinting.  If you or anyone else have some cycles and 
want to wield a pen, feel free to write some text... 
https://github.com/w3c/fingerprinting-guidance/issues )

-- Sam

[*] We publish the Questionnaire jointly with W3C's TAG.
Received on Wednesday, 27 January 2021 12:41:40 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 27 January 2021 12:41:40 UTC