- From: Hadley Beeman <notifications@github.com>
- Date: Mon, 27 Sep 2021 09:32:55 -0700
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Monday, 27 September 2021 16:33:07 UTC
Hi @SergeyKanzhelev. We are looking at this in our W3CTAG breakout, and a couple of questions have come up. 1. Who is the user for this? What need of theirs is it meeting? It would help us a lot of if you could put those points in your explainer. 2. We are concerned about the privacy/security implications of opening up a metadata channel that the user can't control. Have you thought through any attack scenarios? And if so, what are your thoughts on how to make them less likely to happen? The [security](https://w3c.github.io/baggage/#security-considerations) and [privacy](https://w3c.github.io/baggage/#privacy-considerations) sections of your spec talk about the responsibilities of application owners and systems. Does your approach let users protect themselves too? Or might it be easier to track them with your proposal? We'd be grateful for your thoughts on those. Thanks! -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/650#issuecomment-928053119
Received on Monday, 27 September 2021 16:33:07 UTC