cwebber2I guess that's right, both security and privacy are as distinct and yet intertwined as authorization and authentication are, to supply another intermingled thing I just checked all the terms of in my spec ;)
aaronpkrhiaro: csarven: how did you get the reference to social-web-protocols to have the display text "Social Web Protocols"? When I add [[social-web-protocols]] it doesn't use the nice display name.
rhiaro"[Social Web Protocols] provides recommendations on how to carry out discovery, with consideration to servers which may be unaware of this protocol" ?
aaronpk> If the user agent is a Micropub client, the client should "forget" any access tokens and Micropub endpoints associated with the user's browsing session when in "incognito" mode.
aaronpkI read that question as "if someone is implementing this spec in a browser, what do they need to consider when implementing the 'incognito' mode"
aaronpkcwebber2: and for the "persist data to a user’s local device" question, you might want to add something about how the user agent should clear out authentication
rhiarooh, I just thought they provided like three options and when the answer is 'makes no difference' it was okay to copypaste. I didn't think about it in terms of implementing it in the browser. I dunno.