- From: sleevi <notifications@github.com>
- Date: Fri, 03 Jul 2015 04:45:42 -0700
- To: slightlyoff/ServiceWorker <ServiceWorker@noreply.github.com>
- Message-ID: <slightlyoff/ServiceWorker/issues/119/118327036@github.com>
I'm fairly certain that both the Shared Worker and the Service Worker proposal by @jakearchibald won't really be something we can reliably/safely implement in Chrome, and would definitely be something the Chrome networking team would push back on for implementation in layering concerns. It's also fairly non-deterministic. >From the networking side, David and I are fairly supportive of the "Request in a [Shared/Service]Worker that would result in UI gets aborted" as the baseline, and then trying to iterate in a way that may allow some interaction iff the *Worker can deterministically control it, and the user agent can mediate it. But to @annevk 's point of allowing client auth to be controlled in the way HTTP auth is, that's also a bit of a non-starter on the grounds of privacy/security. We can't reveal anything about the certificates available (they're rife with PII and persistent identifiers that are potentially non-revocable) without some form of prior user mediation, and in a way that's at least quasi-understandable by users (read: "Do you want this website to know everything about you?" *isn't* that :-1: ) --- Reply to this email directly or view it on GitHub: https://github.com/slightlyoff/ServiceWorker/issues/119#issuecomment-118327036
Received on Friday, 3 July 2015 11:46:10 UTC