- From: Peter Linss <notifications@github.com>
- Date: Tue, 12 Mar 2024 12:45:45 -0700
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Tuesday, 12 March 2024 19:45:49 UTC
The feedback is about UserInfo potentially leaking personal information in a shared computer environment. It's not about making the previous user's identity available to an iframe, but displaying it to the next user of the computer if the previous user didn't log out of what they thought they were logging out of.

Think of a public computer in a library: person A logs into a site via FedCM, then when finished, logs out of the RP, but doesn't realize they haven't logged out of the IDP, and closes the tab/window. The next person using the computer, potentially someone who was stalking person A, recognizes the site person A was visiting, visits that site and gets to see person A's name and possibly email address. (There's also the issue of the next user leveraging the status of still being logged in to the IDP and using that to access the RP as the previous user.)

--
Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/839#issuecomment-1992416657
Message ID: <w3ctag/design-reviews/issues/839/1992416657@github.com>