- From: Marcos Cáceres <notifications@github.com>
- Date: Wed, 13 Jul 2016 01:33:47 -0700
- To: w3c/permissions <permissions@noreply.github.com>
- Cc:
- Message-ID: <w3c/permissions/pull/100/r70584654@github.com>
> <section class='non-normative'> > <h2 id="privacy-considerations"> > Privacy considerations > </h2> > <p><em>This section is non-normative.</em></p> > <p> > - Permission states can be used as an element of fingerprinting by > - websites. Usually websites could already have access to the information > - but often through actually using the API which could lead to a > - permission request UI if the permission was not already granted. Thus, > - even though this API doesn't expose new fingerprinting data to > - websites, it makes it easier for them to have discreet access to it. > - Therefore, implementations are encouraged to have an option for users > - to block (globally or selectively) the querying of permission states. > + Implementations are encouraged to have an option for users to block (globally > + or selectively) the querying of <a>permission states</a>: An adversary > + could use a <a>permission state</a> as an element in creating a "fingerprint" > + corresponding to an end-user. Although, a adversary can already determine fixed. --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/permissions/pull/100/files/59690558b17cbc2a5618b8adc36ef93888d7d8b7#r70584654
Received on Wednesday, 13 July 2016 08:34:36 UTC