(PRIVACY) Consensus

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: jg@w3.org: "(CONTENT) consensus"
• Previous message: Koen Holtman: "(CONTENT NEGOTIATION,VARY) Draft text for Vary header and content negotiation `hooks'"

Unless further comment is heard, this will be used to close out
this issue.
 
The following sections is intended to emphasize the privacy problems
that have been coming up with client implementations (e.g. Javascript problem)
that are not careful about the information stored inside themselves.

The only comment was from Paul Leach on wording; I've adopted his
change below.
			Comments to me,
				Jim Gettys

Add to Section 14.4:
-------------------
HTTP clients are often privy to large amounts of personal information
(e.g. the user's name, location, mail address, passwords, 
encryption keys, etc.), and should be very careful to prevent unintentional
leakage of this information via the HTTP protocol to other sources.  We
!very strongly recommend that a convenient interface be provided for
the user to control dissemination of such information, and that 
designers and implementors be particularly careful in this area.  
History shows that errors in this area are often both serious security
and/or privacy problems, and often generate very adverse publicity 
for the implemetor's company.

• Next message: jg@w3.org: "(CONTENT) consensus"
• Previous message: Koen Holtman: "(CONTENT NEGOTIATION,VARY) Draft text for Vary header and content negotiation `hooks'"