- From: Mark Watson <watsonm@netflix.com>
- Date: Thu, 8 Nov 2012 19:46:51 +0000
- To: Wan-Teh Chang <wtc@google.com>
- CC: Thomas Hardjono <hardjono@mit.edu>, Seetharama Rao Durbha <S.Durbha@cablelabs.com>, "public-webcrypto@w3.org Group" <public-webcrypto@w3.org>
On Nov 8, 2012, at 11:34 AM, Wan-Teh Chang wrote: > On Thu, Nov 8, 2012 at 11:27 AM, Mark Watson <watsonm@netflix.com> wrote: >> >> My objective with the feature in question here is that the privacy >> implications be no worse than (and hopefully better than) cookies >> and web storage. One aspect in which the situation is better is >> that users have very little idea what a site will use cookies and >> web storage for when they give permission. Giving a site >> permission to access an (origin-specific) device identifier is >> arguably easier to understand. > > If I understand it correctly, the perceived problem with an origin-specific > device identifier is that it is "read only" and cannot be deleted by the > user. Well, UAs may choose to allow users to delete the identifier. From the site's point of view that's indistinguishable anyway from the site not being authorized by the user to see it. The issue is that if you delete such an identifier, services that need it may not work any more and users need to be warned about that. On a TV this would be a "permanently disable service X" button. Personally I would happily use that feature on certain TV channels ;-) > > On the other hand, the user can effectively change the device identifier > by getting a new device, Depending on device implementation, it may be able to change its device identifier at user request. > whereas an (origin-specific) user identifier, > such as my Yahoo Mail account and Amazon.com account, usually > last much longer than the lifetime of a device. So it's not clear to me > if a device identifier has more serious privacy issues. > > Wan-Teh >
Received on Thursday, 8 November 2012 19:47:19 UTC