Re: [w3ctag/spec-reviews] Cross-spec device identification & association (#64)

As far as the sensor work goes, I'm completely punting on exposing identifiers until I hear of potential use cases for them, or until we actually start seeing (1) multiple sensors of the same type in the same device or (2) a use of generic sensor APIs beyond same-device sensors.

Note there might be genuine use cases for exposing actual hardware identifiers in order to identify precisely the chip that's being used. This will absolutely be the case for the [WebGPIO work](https://rawgit.com/browserobo/WebGPIO/master/index.html) from the [Browsers and Robotics CG](https://www.w3.org/community/browserobo/). But there also might be legitimate use for this with sensors derived from the Generic Sensor API. In this case, it would be useful to get more precise guidance from the TAG (or in the permission spec itself) as to how permissioning should be handled. For example, should requiring access to the sensor HW identifier require a different permission level than simply accessing sensor data (e.g. through dedicated [permission descriptor types](https://w3c.github.io/permissions/#permission-descriptor-type))?

Worth also noting that because operating systems already are an abstraction-level above sensors—as are sensor hubs in more high-end devices—there is no clear, one to one mapping, between a physical sensor and its software representation within the user agent. This might cause a careless implementation to unintentionally reveal HW implementation details, for example, by using the same random identifier for different sensor types provided by the same sensor hub, or tying a high-level sensor to a specific low-level sensor's ID used in its implementation.


---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/spec-reviews/issues/64#issuecomment-217110837