You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
UAs should prevent entities from tracking a user across different sites without that user's intent.
The RFC2119 aspect of "SHOULD" that "there may exist valid reasons in particular circumstances to ignore a particular item" then gets elaborated in the high-level threat's detailed threat model.
I think this matches @pes10k's request for more principles in the document.
https://w3cping.github.io/privacy-threat-model/#high-level-threats currently starts with
but most of the individual threat descriptions don't follow this up by saying what UAs should do about them. For example, https://w3cping.github.io/privacy-threat-model/#hl-recognition-cross-site could add something like
The RFC2119 aspect of "SHOULD" that "there may exist valid reasons in particular circumstances to ignore a particular item" then gets elaborated in the high-level threat's detailed threat model.
I think this matches @pes10k's request for more principles in the document.