- From: Tobie Langel <tobie@fb.com>
- Date: Wed, 10 Oct 2012 11:52:18 +0000
- To: Paul Bakaus <pbakaus@zynga.com>, "public-web-perf@w3.org" <public-web-perf@w3.org>
On 10/10/12 1:32 PM, "Paul Bakaus" <pbakaus@zynga.com> wrote: >On 10.10.12 10:44, "Reitbauer, Alois" <Alois.Reitbauer@compuware.com> >wrote: > >>I see this exactly the same way. It will be a feature that requires the >>user to accept that this information gets collected or it will be enables >>by default using a browser flag - this will be useful for testing. I will >>put a proposal together for the upcoming workshop. >> >>I already asked Tobie to work together. Paul you are more than welcome >>too! > >Yep, happy to join the effort! > >After giving this more thought, I came to the conclusion that there are >all sorts of APIs that were blocked by fingerprinting concerns in the >past, so I wonder if we shouldn't just design a general sort of >domain-based notification prompt (like geolocation), saying something >like: > >"The current page requests access to advanced functionality that could >potentially be used to track your identity. Do you want to allow this?" >Yes/No > >At this point, every API that sits behind the fingerprinting firewall >would be unblocked. Given how WebIDL exposes otherwise namespace constructors to the global scope (e.g. look at all the WebGL cruft present there), this might prove challenging, but I'm sure we'll end up finding a solution that improves the current situation. Alois, will you be at TPAC? --tobie
Received on Wednesday, 10 October 2012 11:52:47 UTC