Comment 13 for bug 934887

Per-site authorization should be restricted to things that are actually important privacy issues. Telling a site your exact physical location is a privacy issue, but simply knowing the specific Firefox minor version isn't really as important. (again, it might be able to determine it progmatically) I don't want to create another bug the user prompt which would possibly just have a user clicking yes anyway without thinking.

The compromise solution would be to remove the minor version from the UA but expose it via JS with no extra authorization required. This would prevent its usage for server-side only fingerprinting but still allow sites to get at it. Client-side fingerprinting wouldn't be affected that much, as already stated it could figure out the minor version via other methods if it felt like it. However, even this solution feels like overkill to me. (and it would still break the current simple method to get full version info for support here and elsewhere, which is not an insignificant problem)