From b5eabae9533346db0b26f2999e8ef4a9759dd023 Mon Sep 17 00:00:00 2001 From: Zoltan Kis Date: Tue, 19 May 2015 11:31:36 +0300 Subject: [PATCH] fixed review comments --- security-privacy.html | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/security-privacy.html b/security-privacy.html index b100c16..4f8c183 100644 --- a/security-privacy.html +++ b/security-privacy.html @@ -152,9 +152,9 @@ devices. - Permission/user prompt for writing tags and peers, with a + Permission/user prompt for writing tags and peers. @@ -191,19 +191,20 @@ Suggest rules for handling payload safely, provide best-practice methods for doing so, provide a sanitization/validation function. - Payload MAY be even cryptographically sign before writing it to a tag - so the contents could later be verified. + Payload MAY be even cryptographically signed before writing it to a + tag so the contents could later be verified. A Web NFC tag could be used for leaking the user’s location, if the - readong triggers a user’s device to navigate to a website. + reading triggers a user’s device to navigate to a website. A Web NFC tag SHOULD NOT ever trigger a user’s device to navigate - to a website without asking permission, unless the site is in the - foreground and has been granted permission. + to a website without asking permission, unless the site has been in + the foreground or has been brought to the foreground and has been + granted permission.