- From: Daniel Appelquist <notifications@github.com>
- Date: Mon, 11 Nov 2024 10:30:22 -0800
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <w3ctag/design-reviews/issues/956/2468795045@github.com>
The W3C TAG has [discussed this proposal](https://github.com/w3ctag/meetings/blob/gh-pages/2024/telcons/10-28-minutes.md#early-design-review-partitioned-popins---leaverou-matatk-hadleybeeman) and I took an action last week to summarize some of the key points, which I am late on performing - apologies for that. Here are a couple of key points from our discussion: * Regarding the potential for User Confusion: While UX solutions have been proposed, the effectiveness of these designs in clearly communicating the partitioned nature of identities and data access across origins remains uncertain. Do you have user testing studies that you can share with us which might show how this approach can safeguard against potential user confusion or use in deceptive patterns? * Regarding Non-JS Communication Alternatives: We noted that the main advantage of Partitioned Popins seems to be allowing secure communication without JavaScript. It may be worth investigating if this benefit can be achieved without the complexities of this approach, such as through a dedicated API or secure post-message alternative that maintains privacy and security integrity. * We'd like to suggest expanding & clarifying the description of the use case in the explainer. -- Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/956#issuecomment-2468795045 You are receiving this because you are subscribed to this thread. Message ID: <w3ctag/design-reviews/issues/956/2468795045@github.com>
Received on Monday, 11 November 2024 18:30:26 UTC