Re: [w3ctag/design-reviews] TAG review for Local Network Access(LNA) (Issue #1116)

martinthomson left a comment (w3ctag/design-reviews#1116)

Thanks for sharing this.  We agree that it is necessary to do something more about malicious sites connecting to local services, including the localmess problem. There are use cases that depend on public sites talking to private servers and those are both common and basically impossible to distinguish from attacks.  Previous attempts to address this - with Private Network Access in particular - failed, so we realize that a permissions prompt is probably the only option we have available, given the urgent need for a response to the attacks.

However, we do think that a permission prompt is not a great solution.  Or rather, it's almost exactly the wrong thing to be asking people to decide. These sorts of questions only work if consent is "freely given, specific, and informed", where this basically fails on all three tests.  This is not something that people are naturally able to understand very well.  The permission is also necessarily very broad. And the alternative is generally that the site breaks, so it cannot reasonably claim to be "freely given" either.

So we encourage you to continue to look for better options, while recognizing the unfortunate necessity of this in the short term.

Not ALL the TAG agree with this viewpoint; some of us believe that it might be possible to construct a prompt that makes it possible to obtain meaningful consent.  Shipping the feature might help answer that.

Finally, a few clerical things:
* we ask that specifications or S&P questionnaires not be shared as Google docs
* Mozilla and WebKit have standards-positions: https://github.com/mozilla/standards-positions/issues/1260 https://github.com/WebKit/standards-positions/issues/520 (both generally discourage use of inference or secondary sources when it comes to interpreting where they stand on things)
* has this been discussed in webappsec?

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/1116#issuecomment-3056517808

Message ID: <w3ctag/design-reviews/issues/1116/3056517808@github.com>

Received on Thursday, 10 July 2025 09:22:38 UTC