- From: Marcos Cáceres <notifications@github.com>
- Date: Tue, 31 Aug 2021 14:17:25 +0000 (UTC)
- To: w3c/permissions <permissions@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <w3c/permissions/pull/287/review/742791158@github.com>
@marcoscaceres commented on this pull request. > + - with a strong emphasis on user privacy. + </p> + <aside class="Note" title="Determining the lifetime of a permission"> + <p> + For particularly privacy-sensitive [=features=], such as [[[GETUSERMEDIA]]], + which can provide access + to a user's camera and microphone, user agents are known to expire a permission + [=permission/grant=] as soon as a browser tab is closed or navigated. + For other features, like the [[[Geolocation]]], user agents are known to offer a choice of + only granting the permission for the session, or for one day. Others, like the [[[Notifications]]] and [[[push-api]]] APIs, + remember a user's decision indefinitely or until the user manually denies the permission. + </p> + <p> + Finding the right balance for the lifetime of a permission requires a lot of + thought and experimentation, and often evolves over a long period of time (often years!). + Implementers are encouraged to work with their UX security teams to find the right balance They are definitely a team. We had one at Mozilla at the Toronto and Vancouver offices and they were awesome. I guess on the Google side, it would be Adrienne Porter Felt and co. (maybe, not sure if they are still doing this kind of work). Happy to rephrase this tho. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/permissions/pull/287#discussion_r699369905
Received on Tuesday, 31 August 2021 14:17:38 UTC