[css-contain-1][css-contain-2] Set up separate privacy and security sections

frivoal · frivoal · commit f502eec13e08 · 2022-09-06T16:23:22.000+09:00
diff --git a/css-contain-1/Overview.bs b/css-contain-1/Overview.bs
@@ -1336,72 +1336,23 @@ Possible Paint-Containment Optimizations</h4>
 	3. Because they are guaranteed to be stacking contexts,
 		scrolling elements can be painted into a single GPU layer.
 
-Privacy and Security Considerations {#priv-sec}
-==============================================
 
-This specification introduces no new privacy or security considerations.
+<h2 id=privacy oldids="priv-sec">
+Privacy Considerations</h2>
 
-Like any other CSS specification, it affects the rendering of the document,
-but does not introduce any special ability to present content in a misleading way
-that was not previously available through other CSS modules
-and that isn't inherent to the act of formatting the document.
+	There are no known privacy impacts of the features in this specification.
 
-The <a href="http://www.w3.org/2001/tag/">TAG</a> has developed a <a href="https://www.w3.org/TR/security-privacy-questionnaire/">self-review questionnaire</a>
-to help editors and Working Groups evaluate the risks introduced by their specifications.
-Answers are provided below.
 
-<dl>
-<dt>Does this specification deal with personally-identifiable information?
-<dd>No.
+<h2 id=security>
+Security Considerations</h2>
 
-<dt>Does this specification deal with high-value data?
-<dd>No.
+	There are no known security impacts of the features in this specification.
 
-<dt>Does this specification introduce new state for an origin that persists across browsing sessions?
-<dd>No.
+	Like any other CSS specification, it affects the rendering of the document,
+	but does not introduce any special ability to present content in a misleading way
+	that was not previously available through other CSS modules
+	and that isn't inherent to the act of formatting the document.
 
-<dt>Does this specification expose persistent, cross-origin state to the web?
-<dd>No.
-
-<dt>Does this specification expose any other data to an origin that it doesn’t currently have access to?
-<dd>No.
-
-<dt>Does this specification enable new script execution/loading mechanisms?
-<dd>No.
-
-<dt>Does this specification allow an origin access to a user’s location?
-<dd>No.
-
-<dt>Does this specification allow an origin access to sensors on a user’s device?
-<dd>No.
-
-<dt>Does this specification allow an origin access to aspects of a user’s local computing environment?
-<dd>No.
-
-<dt>Does this specification allow an origin access to other devices?
-<dd>No.
-
-<dt>Does this specification allow an origin some measure of control over a user agent’s native UI?
-<dd>No.
-
-<dt>Does this specification expose temporary identifiers to the web?
-<dd>No.
-
-<dt>Does this specification distinguish between behavior in first-party and third-party contexts?
-<dd>No.
-
-<dt>How should this specification work in the context of a user agent’s "incognito" mode?
-<dd>No difference in behavior is needed.
-
-<dt>Does this specification persist data to a user’s local device?
-<dd>No.
-
-<dt>Does this specification have a "Security Considerations" and "Privacy Considerations" section?
-<dd>Yes, this is the section you are currently reading.
-
-<dt>Does this specification allow downgrading default security characteristics?
-<dd>No.
-</dl>
 
 <h2 class="no-num non-normative" id="changes">Appendix A. Changes</h2>
 
diff --git a/css-contain-2/Overview.bs b/css-contain-2/Overview.bs
@@ -1988,75 +1988,22 @@ Examples {#cv-examples}
 </div>
 
 
+<h2 id=privacy oldids="priv-sec">
+Privacy Considerations</h2>
 
+	There are no known privacy impacts of the features in this specification.
 
 
-Privacy and Security Considerations {#priv-sec}
-==============================================
+<h2 id=security>
+Security Considerations</h2>
 
-This specification introduces no new privacy or security considerations.
+	There are no known security impacts of the features in this specification.
 
-Like any other CSS specification, it affects the rendering of the document,
-but does not introduce any special ability to present content in a misleading way
-that was not previously available through other CSS modules
-and that isn't inherent to the act of formatting the document.
+	Like any other CSS specification, it affects the rendering of the document,
+	but does not introduce any special ability to present content in a misleading way
+	that was not previously available through other CSS modules
+	and that isn't inherent to the act of formatting the document.
 
-The <a href="http://www.w3.org/2001/tag/">TAG</a> has developed a <a href="https://www.w3.org/TR/security-privacy-questionnaire/">self-review questionnaire</a>
-to help editors and Working Groups evaluate the risks introduced by their specifications.
-Answers are provided below.
-
-<dl>
-<dt>Does this specification deal with personally-identifiable information?
-<dd>No.
-
-<dt>Does this specification deal with high-value data?
-<dd>No.
-
-<dt>Does this specification introduce new state for an origin that persists across browsing sessions?
-<dd>No.
-
-<dt>Does this specification expose persistent, cross-origin state to the web?
-<dd>No.
-
-<dt>Does this specification expose any other data to an origin that it doesn’t currently have access to?
-<dd>No.
-
-<dt>Does this specification enable new script execution/loading mechanisms?
-<dd>No.
-
-<dt>Does this specification allow an origin access to a user’s location?
-<dd>No.
-
-<dt>Does this specification allow an origin access to sensors on a user’s device?
-<dd>No.
-
-<dt>Does this specification allow an origin access to aspects of a user’s local computing environment?
-<dd>No.
-
-<dt>Does this specification allow an origin access to other devices?
-<dd>No.
-
-<dt>Does this specification allow an origin some measure of control over a user agent’s native UI?
-<dd>No.
-
-<dt>Does this specification expose temporary identifiers to the web?
-<dd>No.
-
-<dt>Does this specification distinguish between behavior in first-party and third-party contexts?
-<dd>No.
-
-<dt>How should this specification work in the context of a user agent’s "incognito" mode?
-<dd>No difference in behavior is needed.
-
-<dt>Does this specification persist data to a user’s local device?
-<dd>No.
-
-<dt>Does this specification have a "Security Considerations" and "Privacy Considerations" section?
-<dd>Yes, this is the section you are currently reading.
-
-<dt>Does this specification allow downgrading default security characteristics?
-<dd>No.
-</dl>
 
 <h2 class="no-num non-normative" id="changes">Appendix A. Changes</h2>
 
