Closed mmccool closed 5 years ago
Actually, TD notifications are useful to mitigate privacy issues since they allow the ID to be updated periodically while informing "authorized" users. I'm going to write up that application shortly.
This relates to immutable identifiers. In particular, if the identifiers can be updated an observers of the TD updated, it can be used as a way to "break" undesired tracking.
A note regarding using TD change notifications to deal with ID changes is now in the TD security considerations. As that's the main impact we noted I will close this issue for now (reopen it if you see new impacts that should be addressed...)
Possibly add some more material in this section (or elsewhere in section 5) to discuss the implications of change and deletion notification. https://rawgit.com/w3c/wot-security/master/index.html#secure-delivery-and-storage-of-thing-description See also https://github.com/w3c/wot-scripting-api/issues/114 This issue supercedes https://github.com/w3c/wot-security/issues/93