mohamedamir created an issue (w3ctag/design-reviews#1178) During the TAG review of the Digital Credentials (DC) API, it was noted that the current specification does not explicitly address the behavior of the API when the User Agent (UA) is in "Private" or "Incognito" browsing mode. The exact feedback is _"The document does not address the behaviour of the proposed solution in private browsing mode.As per [web platforms design principles (section 2.9)](https://www.w3.org/TR/design-principles/#do-not-expose-use-of-private-browsing-mode), the UA should not exhibit different behaviour in this mode. However, there are specific use cases, such as proof of age, where certain disclosures are mandated by regulations even when the user is browsing in private mode. This could inadvertently reveal unnecessary information to entities other than the UA (e.g., the wallet, website, or verifier) about whether the user is browsing in private or normal mode."_ We need to discuss and document the behavior for the DC API in private browsing mode. <!-- Content below this is maintained by @w3c-tag-bot --> --- Track conversations at https://tag-github-bot.w3.org/gh/w3ctag/design-reviews/1178 -- Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/1178 You are receiving this because you are subscribed to this thread. Message ID: <w3ctag/design-reviews/issues/1178@github.com>
Received on Wednesday, 10 December 2025 23:59:26 UTC