W3C home > Mailing lists > Public > public-privacy@w3.org > January to March 2013

Re: Slides for Media Capture discussion (was: PING - 28 March 2013 - agenda and call details)

From: Thomas Roessler <tlr@w3.org>
Date: Thu, 28 Mar 2013 12:12:50 +0100
Cc: "public-privacy@w3.org Privacy" <public-privacy@w3.org>
Message-Id: <1DC3FECF-2FC5-4019-A40D-ED998A341083@w3.org>
To: Dominique Hazael-Massieux <dom@w3.org>
Thanks, Dom.

I'll be unavailable to join the call, but would suggest the unique identifiers generated as part of this API as an important topic for a privacy discussion.

Specific points to look at:

1. What is the exact rationale for a media source identifier that is (it seems) supposed to be globally unique and persistent across sessions?  It would be useful to look at the requirements in more detail, and see what the functionality and privacy tradeoffs are between low-entropy and high-entropy identifiers.

2. Scope of this identifier.  If the identifier is high-entropy, then scoping it by origin is probably insufficient: Instead, you'd want to scope it by origin pair, i.e., origin of the top-level frame, and origin from which the script is executed.  Otherwise, a third party iframe might be able to discover that identifier across multiple first parties, which would generate another readily trackable identifier.

Thomas Roessler, W3C <tlr@w3.org> (@roessler)

On 2013-03-28, at 10:57 +0100, Dominique Hazael-Massieux <dom@w3.org> wrote:

> Le mercredi 13 mars 2013 à 19:48 +0100, Christine Runnegar a écrit :
>> 2. Media Capture Task Force* - camera and microphone access (Dominique Hazael-Massieux)
> Here are the slides I intend to use during the discussion later today:
> http://www.w3.org/2013/Talks/dhm-ping-gum/
> Dom
Received on Thursday, 28 March 2013 12:53:47 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:23:55 UTC