w3c / wot-security

a repo exclusively for security to better manage issues and security considerations for WoT
https://w3c.github.io/wot-security/

Discuss Security Implications of TD Change and Deletion Notification #100

Closed mmccool closed 5 years ago

mmccool commented 6 years ago

Possibly add some more material in this section (or elsewhere in section 5) to discuss the implications of change and deletion notification.
https://rawgit.com/w3c/wot-security/master/index.html#secure-delivery-and-storage-of-thing-description
See also https://github.com/w3c/wot-scripting-api/issues/114
This issue supersedes https://github.com/w3c/wot-security/issues/93

mmccool commented 6 years ago

Actually, TD notifications are useful to mitigate privacy issues since they allow the ID to be updated periodically while informing "authorized" users. I'm going to write up that application shortly.

mmccool commented 6 years ago

This relates to immutable identifiers. In particular, if the identifiers can be updated and observers of the TD updated, it can be used as a way to "break" undesired tracking.

mmccool commented 5 years ago

A note regarding using TD change notifications to deal with ID changes is now in the TD security considerations. As that's the main impact we noted I will close this issue for now (reopen it if you see new impacts that should be addressed...)