Open samuelweiler opened 3 years ago
@samuelweiler can you provide some more detail? I'm not sure what kind of fingerprints counts as 'ephemeral', or how that could be achieved with a service worker. I assume by timers you mean setTimeout
and setInterval
, but I'm not sure what counts as 'context-dependent'.
It might be helpful if you could frame it relative to another form of origin storage, eg describe what fingerprinting capability service worker offers beyond localStorage
.
Service worker is part of origin storage, so if you ask the browser to clear a site's storage, the service worker goes too.
At first glance, I'm not clear on whether events can be fired based only on context-dependent timers or also based on external things. If the latter, then presumable service workers could be a vector for ephemeral fingerprinting. Even if there's not an issue, this should be written up in the privacy considerations section, providing justification for why it's not an issue.