- From: Philippe Le Hegaret <plh@w3.org>
- Date: Tue, 17 Nov 2015 08:58:07 -0500
- To: public-webappsec@w3.org
The latest version of High Resolution Time is ready for wide review. One can find the latest draft at: http://www.w3.org/TR/hr-time-2/ High Resolution Time Level 2 replaces the first version of High Resolution Time [HR-TIME] and includes: * Defines a precise definition of time origin for the purpose of all performance timeline related specifications; * Provides the base definition for the Performance interface, including support for the Performance.now method in Web Workers [WORKERS]; * Introduces the method Performance.translateTime to compare times between different time origins; * To mitigate cache attacks, the recommended minimum resolution of the Performance interface should be set to 5 microseconds. The method Performance.translateTime is marked as "at risk" to the purpose of moving High Resolution Time 2 to W3C Recommendation due to its lack of implementation experience. It is expected to be deferred until the next release at the moment. [[ 8. Privacy and Security Cache attacks and statistical fingerprinting is a privacy and security concern where a malicious web site may use high resolution timing data of various browser or application-initiated operations to identify a particular user - see [CACHE-ATTACKS]. To mitigate such attacks, the recommended minimum resolution of the Performance interface should be set to 5 microseconds. ]] http://www.w3.org/TR/hr-time-2/#privacy-security New issues are welcome at https://github.com/w3c/hr-time/issues Thank you, Philippe
Received on Tuesday, 17 November 2015 13:58:13 UTC