Re: Web Performance: Survey and Workshop - We'd like your input!

On 10.10.12 10:44, "Reitbauer, Alois" <>

>I see this exactly the same way. It will be a feature that requires the
>user to accept that this information gets collected or it will be enables
>by default using a browser flag - this will be useful for testing. I will
>put a proposal together for the upcoming workshop.
>I already asked Tobie to work together. Paul you are more than welcome

Yep, happy to join the effort!

After giving this more thought, I came to the conclusion that there are
all sorts of APIs that were blocked by fingerprinting concerns in the
past, so I wonder if we shouldn't just design a general sort of
domain-based notification prompt (like geolocation), saying something like:

"The current page requests access to advanced functionality that could
potentially be used to track your identity. Do you want to allow this?"

At this point, every API that sits behind the fingerprinting firewall
would be unblocked.

>Btw. I also think that Chrome might already provide an API like this
>today. Developer tools run already in the browser so there should be an
>API to get this information.
>As a first step I propose to define the use cases we want to support. The
>actual API will then be next.
>// Alois
>On 10/8/12 5:07 PM, "Tobie Langel" <> wrote:
>>On 10/8/12 11:17 AM, "Paul Bakaus" <> wrote:
>>>On 03.10.12 07:30, "Reitbauer, Alois" <>
>>>>A unified API for diagnosing the performance of Web applications
>>>>the same information (JS profiling, memory profiling, rendering, ) as
>>>>Chrome Developer Tools, Firebug and similar tooling.
>>>Yes, thank you! Not sure if we're talking about the same thing, but this
>>>was something Tobie and I proposed when we talked to the group, but
>>>broader than what you are describing - basically, a "developer opt-in
>>>that every browsers' debug mode enables, and implements many of the
>>>debugging/perf APIs for developers that are otherwise not being
>>>implemented because of fingerprinting concerns.
>>Introducing the concept of a "developer/debug" API that triggers a prompt
>>(much like geolocation does) for these things would be awesome.
>>Not only could this help in the above mentioned use cases, it could also
>>be applied to other useful, yet potentially insecure things such as
>>screenshots, which would allow automating ref testing (e.g. for CSS[1])
>>but also to diagnose complex browser bugs on applications in production
>>getting the user to easily send a screenshot.
>The contents of this e-mail are intended for the named addressee only. It
>contains information that may be confidential. Unless you are the named
>addressee or an authorized designee, you may not copy or use it, or
>disclose it to anyone else. If you received it in error please notify us
>immediately and then destroy it. Compuware Austria GmbH (registration
>number FN 91482h) is a company registered in Austria whose registered
>office is at 1120 Wien, Wagenseilgasse 14, Austria

Received on Wednesday, 10 October 2012 11:32:41 UTC