On 10/29/2015 07:38 AM, Nick Doty wrote: > On Oct 29, 2015, at 3:19 PM, Martin Thomson <martin.thomson@gmail.com > <mailto:martin.thomson@gmail.com>> wrote: >> >> On 29 October 2015 at 15:15, Nick Doty <npdoty@w3.org >> <mailto:npdoty@w3.org>> wrote: >>> If, to comply with that, we should add a requirement to >>> draft-ietf-rtcweb-security-arch for revocation, which it sounds like >>> implementing browsers already support, just let us know where to >>> send the >>> pull request. >> >> I think that mediacapture is a more reasonable place to house that >> sort of requirement. > > Currently there is a non-normative suggestion about this in Media > Capture and Streams section on Privacy and Security Considerations. > http://w3c.github.io/mediacapture-main/#privacy-and-security-considerations > > Per the comments in PING's earlier message, we believe it would be > useful to make this a normative requirement. > https://lists.w3.org/Archives/Public/public-privacy/2015OctDec/0028.html > > As a mechanical matter, should we make a pull request to Media Capture > and Streams? Or if the editors typically resolve these themselves, > that's great. We've tried to address the issues we raised as a result of the PING message (3 of them), but I'm happy to see a pull request with specific language. Note that the whole privacy and security considerations section is marked non-normative; if any MUST-strength language is to be added, it needs to go in the description of the mechanism it's a MUST for, and be referenced by the privacy and security considerations.
Received on Tuesday, 17 November 2015 08:42:14 UTC