Move "fingerprinting vector" definition to Infra Standard

zcorpan · zcorpan · commit 8b0e4a1fe8d1 · 2017-08-25T14:37:46.000+02:00
PR to add equivalent text in Infra: whatwg/infra#115
diff --git a/source b/source
@@ -792,78 +792,6 @@ interface <dfn data-x="">Example</dfn> {
 
 
 
-  <h3 id="fingerprint">Privacy concerns</h3>
-
-  <!-- NON-NORMATIVE SECTION -->
-
-  <p>Some features of HTML trade user convenience for a measure of user privacy.</p>
-
-  <p>In general, due to the Internet's architecture, a user can be distinguished from another by the
-  user's IP address. IP addresses do not perfectly match to a user; as a user moves from device to
-  device, or from network to network, their IP address will change; similarly, NAT routing, proxy
-  servers, and shared computers enable packets that appear to all come from a single IP address to
-  actually map to multiple users. Technologies such as onion routing can be used to further
-  anonymize requests so that requests from a single user at one node on the Internet appear to come
-  from many disparate parts of the network.</p>
-
-  <p>However, the IP address used for a user's requests is not the only mechanism by which a user's
-  requests could be related to each other. Cookies, for example, are designed specifically to enable
-  this, and are the basis of most of the Web's session features that enable you to log into a site
-  with which you have an account.</p>
-
-  <p>There are other mechanisms that are more subtle. Certain characteristics of a user's system can
-  be used to distinguish groups of users from each other; by collecting enough such information, an
-  individual user's browser's "digital fingerprint" can be computed, which can be as good, if not
-  better, as an IP address in ascertaining which requests are from the same user.</p>
-
-  <p>Grouping requests in this manner, especially across multiple sites, can be used for both benign
-  (and even arguably positive) purposes, as well as for malevolent purposes. An example of a
-  reasonably benign purpose would be determining whether a particular person seems to prefer sites
-  with dog illustrations as opposed to sites with cat illustrations (based on how often they visit
-  the sites in question) and then automatically using the preferred illustrations on subsequent
-  visits to participating sites. Malevolent purposes, however, could include governments combining
-  information such as the person's home address (determined from the addresses they use when getting
-  driving directions on one site) with their apparent political affiliations (determined by
-  examining the forum sites that they participate in) to determine whether the person should be
-  prevented from voting in an election.</p>
-
-  <p>Since the malevolent purposes can be remarkably evil, user agent implementors are encouraged to
-  consider how to provide their users with tools to minimize leaking information that could be used
-  to fingerprint a user.</p>
-
-  <p>Unfortunately, as the first paragraph in this section implies, sometimes there is great benefit
-  to be derived from exposing the very information that can also be used for fingerprinting
-  purposes, so it's not as easy as simply blocking all possible leaks. For instance, the ability to
-  log into a site to post under a specific identity requires that the user's requests be
-  identifiable as all being from the same user, more or less by definition. More subtly, though,
-  information such as how wide text is, which is necessary for many effects that involve drawing
-  text onto a canvas (e.g. any effect that involves drawing a border around the text) also leaks
-  information that can be used to group a user's requests. (In this case, by potentially exposing,
-  via a brute force search, which fonts a user has installed, information which can vary
-  considerably from user to user.)</p>
-
-  <p w-nodev>Features in this specification which can be <dfn data-x="fingerprinting vector">used to
-  fingerprint the user</dfn> are marked as this paragraph is.
-  <!--INSERT FINGERPRINT-->
-  </p>
-
-  <p>Other features in the platform can be used for the same purpose, though, including, though not
-  limited to:</p>
-
-  <ul>
-
-   <li>The exact list of which features a user agents supports.</li>
-
-   <li>The maximum allowed stack depth for recursion in script.</li>
-
-   <li>Features that describe the user's environment, like Media Queries and the <code>Screen</code>
-   object. <ref spec=MQ> <ref spec=CSSOMVIEW></li>
-
-   <li>The user's time zone.</li>
-
-  </ul>
-
-
   <h4 id="fingerprint-postMessage">Cross-site communication</h4>
 
   <p>The <code data-x="dom-window-postMessage">postMessage()</code> API provides a mechanism by
@@ -2357,6 +2285,7 @@ a.setAttribute('href', 'https://example.com/'); // change the content attribute
      <li>The general iteration terms <dfn data-x-href="https://infra.spec.whatwg.org/#iteration-while">while</dfn>,
              <dfn data-x-href="https://infra.spec.whatwg.org/#iteration-continue">continue</dfn>, and
              <dfn data-x-href="https://infra.spec.whatwg.org/#iteration-break">break</dfn>.</li>
+     <li id="fingerprint"><dfn id="fingerprinting-vector" data-x-href="https://infra.spec.whatwg.org/#fingerprinting-vector">fingerprinting vector</dfn>
      <li><dfn data-x-href="https://infra.spec.whatwg.org/#code-point">code point</dfn> and its synonym
          <dfn data-x-href="https://infra.spec.whatwg.org/#code-point">character</dfn></li>
      <li><dfn data-x-href="https://infra.spec.whatwg.org/#surrogate">surrogate</dfn></li>
