Hi @camillelamy I have similar feedback as i did for #649 which is that the explainer jumps right in to talking about how "sites that wish to continue using SharedArrayBuffer must opt-into cross-origin isolation" without first talking about the end-user use cases (the user need). I see you've responded to Hadley's comment above with a link to the general doc describing the wider problem. But what user need is being served by the use of SharedArrayBuffer *in this context* that this set of mitigations is aimed at securing? You talk about password managers later on in the explainer doc - is that one of the primary use cases? Can you please amend the explainer to start with a few user needs to help us set the context? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/639#issuecomment-923765868
Received on Tuesday, 21 September 2021 08:42:44 UTC