New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Document privacy and security mitigations #675
Comments
Merged
Hi @marcoscaceres, Want any help drafting text? Ian |
Help is always welcomed, @ianbjacobs. |
ianbjacobs
added a commit
that referenced
this issue
Feb 12, 2018
* Create single section for sec enhancements * Move one of them from above and link to it * Combine with existing bits about handler matching
1 task
Both https://www.w3.org/TR/credential-management-1/ and https://www.w3.org/TR/encrypted-media/ have text we could emulate about secure contexts. The latter document especially has thorough sections on privacy and security. |
ianbjacobs
added a commit
that referenced
this issue
Jun 26, 2018
ianbjacobs
added a commit
that referenced
this issue
Jun 26, 2018
… exposing user information, part of #675
ianbjacobs
added a commit
that referenced
this issue
Jun 26, 2018
ianbjacobs
added a commit
that referenced
this issue
Jun 26, 2018
This was referenced Jun 26, 2018
marcoscaceres
pushed a commit
that referenced
this issue
Jul 3, 2018
* Added information about redactList to privacy consideration about not exposing user information, part of #675
marcoscaceres
pushed a commit
that referenced
this issue
Jul 6, 2018
Merged the ones listed, so closing. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As part of the CR process and through implementation/deployment, we've learned quite a bit about abuse cases. We should make sure we properly document all mitigations we've put in place without being hand-wavy - in the Privacy and Security section.
allowpaymentrequest
attribute on iframecanMakePayment()
and throttlingshow()
And so on... please add more to the above... those are just the ones off the top of my head.
cc @lknik.
The text was updated successfully, but these errors were encountered: