w3c/fingerprinting-guidance
What is browser fingerprinting and how should specification authors address it.
HTML
Issues
- 3
Predictive text and complete loss of privacy
#8 opened by noloader - 0
- 4
- 1
Mention (capability) negotiation?
#47 opened by samuelweiler - 0
how should we consider cumulative impacts of additions to fingerprinting surface?
#54 opened by npdoty - 0
"Availability", not "accessibility"
#48 opened by fredrika11y - 0
use automatic publishing
#46 opened by samuelweiler - 1
Should we recommend Client Hints as method for converting passive surfaces to active?
#42 opened by JensenPaul - 1
Should we add a warning about entropy?
#40 opened by JensenPaul - 3
Needs to recognise a broader set of stakeholders and concerns - focus on the harm not the method
#45 opened by jwrosewell - 0
should we further mitigate threats of identifiers in local storage because some mechanisms won't clear all local storage?
#43 opened by npdoty - 0
- 2
- 1
Add "concealing mitigations" to mitigations
#38 opened by KOLANICH - 0
Best practice style change
#37 opened by marcoscaceres - 5
Best practices black background
#36 opened by marcoscaceres - 0
backport minor changes
#33 opened by samuelweiler - 4
move some hyperlinks to references?
#19 opened by samuelweiler - 0
- 2
Role of prompting as mitigation
#21 opened by jasonanovak - 0
Fingerprinting through timing channels
#27 opened by pes10k - 1
Explain how using a standard value has a side benefit - increasing the anonymity set.
#23 opened by jasonanovak - 2
Example for Best Practice 2?
#22 opened by jasonanovak - 5
add code example for fingerprint icon
#18 opened by samuelweiler - 0
Move "why is Tor not enough" elsewhere
#17 opened by samuelweiler - 1
- 6
actionability through a decision tree or other
#13 opened by npdoty - 4
cookie-like vs. active and passive categories
#12 opened by npdoty - 7
- 2
Reconcile TAG feedback
#9 opened by slightlyoff - 1
- 4
More specific examples/guidance
#6 opened by npdoty - 1
- 2
- 0
- 2
Discuss impact of revealing hardware information to the web vis-a-vis entropy disclosed.
#26 opened by jasonanovak - 2
Additional Example for Best Practice 5
#24 opened by jasonanovak - 1
- 1
Reference INRIA’s Hiding in the Crowd: an Analysis of the Effectiveness of Browser Fingerprinting at Large Scale?
#25 opened by jasonanovak - 4
- 2
- 1
3rd parties collusion and user tracking
#10 opened by noloader