Re: [sensors] Security issues when used in combination with other APIs from Anssi Kostiainen via GitHub on 2017-09-19 (public-device-apis-log@w3.org from September 2017)

From: Anssi Kostiainen via GitHub <sysbot+gh@w3.org>
Date: Tue, 19 Sep 2017 11:51:47 +0000
To: public-device-apis-log@w3.org
Message-ID: <issue_comment.created-330515186-1505821896-sysbot+gh@w3.org>

I feel that is too generic to be useful for implementers. In my opinion, a better approach is to be specific, and define the concrete threats in concrete sensor specifications similarly to the Ambient Light Sensor: https://w3c.github.io/ambient-light/#security-and-privacy

I'd be inclined to close this issue with a note that we should document concrete attacks in applicable concrete specs.

-- 
GitHub Notification of comment by anssiko
Please view or discuss this issue at https://github.com/w3c/sensors/issues/193#issuecomment-330515186 using your GitHub account

Received on Tuesday, 19 September 2017 11:51:39 UTC