- From: Mike West <mkwst@google.com>
- Date: Tue, 26 Jul 2016 19:33:50 +0200
- To: "Mike O'Neill" <michael.oneill@baycloud.com>
- Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>
Received on Tuesday, 26 July 2016 17:34:48 UTC
Hi Mike!

On Tue, Jul 26, 2016 at 7:00 PM, Mike O'Neill <michael.oneill@baycloud.com> wrote:

> This is good, but it would help mitigate the privacy risk if the
> Origin-Policy request header value was limited in entropy, i.e. some small
> number of characters.

How would this help? The tracking capability exposed is exactly the same as cookies (less, if you want to be nit-picky, since the character set is more limited). Reducing the entropy contained in this key while leaving the entropy contained in those keys over there the same is not a net positive.

> How many versions of the origin manifest are there likely to be?

Not many. However, one of the ideas floated in https://github.com/mikewest/origin-policy/issues/1 was to enforce integrity checks on the manifest by using its hash as the name. That seems like a pretty good idea to me.

> Relying on users periodically deleting their entire cookie store to stop
> fingerprinting is not good.

If the user isn't wiping the cookies stored for an origin, fingerprinting is unnecessary, because the cookies are right there. "entire" jumped out at me, though: perhaps the language wasn't clear? https://github.com/mikewest/origin-policy/commit/c5ed6d6f2e96e997d0bcf0d9280a978b35241865 is closer to what I thought I wrote.

-mike