- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Tue, 26 Nov 2013 15:42:14 -0800
- To: cowwoc <cowwoc@bbs.darktech.org>
- Cc: Justin Uberti <juberti@google.com>, "public-webrtc@w3.org" <public-webrtc@w3.org>
On 26 November 2013 15:30, cowwoc <cowwoc@bbs.darktech.org> wrote: > How about popping up a consent box any time a cross-site request is made? I'm not interested in entertaining suggestions that result in users being asked questions that they don't comprehend the implications of. This is a great example of that. The question you would have me ask is "do you want site.example.com to steal your identity?" Safe by design is strictly better than punting on hard choices by asking users. Asking users has to be the absolute last resort, and it only makes sense if the user expects to be asked AND the question and its consequences are easily comprehended. gUM and geolocation meet this bar. Just. This doesn't.
Received on Tuesday, 26 November 2013 23:42:47 UTC