- From: Mike West <mkwst@google.com>
- Date: Fri, 26 Sep 2014 13:55:26 +0200
- To: Anne van Kesteren <annevk@annevk.nl>
- Cc: WebAppSec WG <public-webappsec@w3.org>
Received on Friday, 26 September 2014 11:56:13 UTC
What's the attack you're considering? (See also: http://www.chromium.org/Home/chromium-security/client-identification-mechanisms#TOC-Lower-level-protocol-identifiers ) -mike -- Mike West <mkwst@google.com> Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91 Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany Registergericht und -nummer: Hamburg, HRB 86891 Sitz der Gesellschaft: Hamburg Geschäftsführer: Graham Law, Christine Elizabeth Flores (Sorry; I'm legally required to add this exciting detail to emails. Bleh.) On Fri, Sep 26, 2014 at 1:42 PM, Anne van Kesteren <annevk@annevk.nl> wrote: > Given HSTS and the network-error-on-redirect feature, it seems we can > determine whether a user has visited a given domain before. Was this > considered? > > > -- > https://annevankesteren.nl/ > >
Received on Friday, 26 September 2014 11:56:13 UTC