- From: Nick Doty <notifications@github.com>
- Date: Tue, 19 Apr 2016 17:38:04 -0700
- To: w3c/permissions <permissions@noreply.github.com>
- Cc:
- Message-ID: <w3c/permissions/issues/46/212184794@github.com>
@martinthomson > >Every account-based web site I've used has a logout model, so that I can log out of my account and someone else can log in, without invoking a browser feature. >This is an interesting analogy, but not one that holds up. I would consider this less of a temporary break in the way that logout is temporary, but more like giving a site your mailing address, then asking them to forget it and scrub their database of the info. Sure, you can type the address into a form again every time you log in, but why would a site give that information up? I'm not sure why you prefer the analogy of deleting information that's already been sent to the server; that could be an interesting feature, but it's not what `revoke()` or the Permissions API is intended for, as far as I understand it. It isn't the user that's asking for information or permission to be scrubbed, this is an API invoked by the site. (Apologies, I think I'm just not understanding your example.) I don't just mean logging out as an analogy but as a use case. Logging out isn't just temporary, it may also indicate a situation where a different user is using the same user agent and the site may want to provide the same first-time user experience to the new user. When one of my family members logs into a mapping application using my computer and browser, they're going to be surprised if the application can access their location without being prompted by the browser. A site could fix that surprising situation by indicating to the browser when a new user logs in that any previously persisted permissions should be revoked. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/permissions/issues/46#issuecomment-212184794
Received on Wednesday, 20 April 2016 00:38:58 UTC