privacy-proxy icon indicating copy to clipboard operation
privacy-proxy copied to clipboard

Published 20 hours ago verified publisher icon tfpauly

ClientHints and fingerprints

Open chris-wood opened this issue 3 years ago • 2 comments
trafficstars

The privacy posture of the GeoHash CH is interesting. If it's always sent, then it leaks information about the user's rough location. If it's not always sent, perhaps because it's gated by user consent, then its presence (or lack thereof) contributes to the fingerprint surface of said client. It's probably worth touching on this tradeoff in the draft.

chris-wood avatar Feb 03 '22 22:02 chris-wood

At a minimum, it's not clear to me from the draft if the Client Hint will only be sent if there was already a response header from the origin indicating that it accepts this particular hint. RFC 8942 describes some of the fingerprinting issues, but it's also a little wishy-washy on whether server-side opt-in is actually required.

npdoty avatar Apr 27 '22 21:04 npdoty

In web contexts, at least, server-side opt-in is governed by https://wicg.github.io/client-hints-infrastructure/; if Client Hints aren't defined as low-entropy, they do require opt-ins.

eeeps avatar Sep 20 '22 22:09 eeeps