Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update Privacy considerations #145

Merged
merged 2 commits into from
May 28, 2024
Merged

Conversation

anssiko
Copy link
Member

@anssiko anssiko commented May 27, 2024

  • Reorganize mitigation strategies for readability
  • Give additional mitigation strategies names
  • Map theoretical attack with mitigations
  • Remove Secure Context from this section ([SecureContext] in IDL is adequate nowadays)

Preview | Diff

- Reorganize mitigation strategies for readability
- Give additional mitigation strategies names
- Map theoretical attack with mitigations
- Remove Secure Context from this section
  ([SecureContext] in IDL is adequate nowadays)
@anssiko anssiko requested a review from darktears May 27, 2024 14:25
@anssiko
Copy link
Member Author

anssiko commented May 28, 2024

@darktears please check that the iframe-related bits reflect the latest in #111 and propose changes as appropriate. I added an inline issue link for that in 9548e1e to bring this to the attention of privacy reviewers. Note I proposed to rename the section from "iframes" to "cross-origin iframes", while this applies to same-origin iframes equally. This was to highlight the cross-origin-ness that is of particular interest to privacy reviewers.

More generally, my expectation here is the specification as of now matches the ongoing Origin Trial feature scope. With the trial experience and feedback we're in a better position to make an informed decisions wrt iframe exposure and any other design aspects. I'm looking to initiate a PING review soon, so want to incorporate all information relevant to the reviewers in this privacy considerations section. I will also provide the self-assessment as an additional input. Please also check that resource is up to date.

@anssiko anssiko merged commit 057458d into gh-pages May 28, 2024
2 checks passed
@anssiko anssiko deleted the privacy-considerations-refresh branch May 28, 2024 14:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants