- From: Amy Guy <notifications@github.com>
- Date: Tue, 26 Jul 2022 07:39:23 -0700
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Tuesday, 26 July 2022 14:39:36 UTC
We apologize for the delay in getting to this review request. We note that it has [shipped in Chromium](https://groups.google.com/a/chromium.org/g/blink-dev/c/Wxuo4lZi4vM) but that there are so far no other implementations. Please let us know if you expect to progress this along the recommendation track at any point, and if/when other implementer interest emerges. While the security and privacy questionnaire has responses, there are no security and privacy considerations sections in the spec itself. The responses to the questionnaire indicate how potentially private/sensitive data may be exposed, but there is little discussion of threat models or mitigations. We see this discussed extensively in [this document](https://docs.google.com/document/d/1pTTO5MTSlxuqxpWL3pFblKB8y8SR0jPao8uAjJSUTp4/edit) and it would be reassuring to see actionable considerations / tradeoffs for implementers succinctly documented in the specification itself, or at least references to other documents if that's more appropriate. We will be happy to review further changes and additions in a new review request in future. -- Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/371#issuecomment-1195571021 You are receiving this because you are subscribed to this thread. Message ID: <w3ctag/design-reviews/issues/371/1195571021@github.com>
Received on Tuesday, 26 July 2022 14:39:36 UTC