> Perhaps you could do something similar with the HTTP mechanism, but I don't know how, exactly. > > Another issue with the HTTP headers approach is that it doesn't seem like a natural fit for offline-enabled web apps that want to use the location info offline.
Right. I am not advocating the HTTP header mechanism. I was calling out the need for policy on top of which ever solution that ends up being used (particularly in the context of the doubleclick scenario that was brought up earlier).
