- From: <piranna@gmail.com>
- Date: Tue, 14 Jan 2014 16:46:48 +0100
- To: Dominique Hazael-Massieux <dom@w3.org>
- Cc: Martin Thomson <martin.thomson@gmail.com>, Tim Panton new <thp@westhawk.co.uk>, Silvia Pfeiffer <silviapfeiffer1@gmail.com>, Jan-Ivar Bruaroey <jib@mozilla.com>, public-webrtc <public-webrtc@w3.org>, Alexandre Gouaillard <agouaillard@gmail.com>, Randell Jesup <randell-ietf@jesup.org>
Makes sense... What about having several windows open with different permisions, for example a bank (don't allow anybody) and a cinema forum (allow everybody)? Show a black rectangle on the ones that didn't give access permisions to that domain? You as user would be interested on share it, at least for this session... Maybe going to the restrictive one (the bank) and enable an option "share this tab content for this session"? With some support by the OS, this could also extend for third party app windows... 2014/1/14 Dominique Hazael-Massieux <dom@w3.org>: > On lun., 2014-01-13 at 10:13 -0800, Martin Thomson wrote: >> That's somewhat attractive, but I'm not sure that that is a good idea. >> We haven't proven unequivocally that http: pages don't contain >> sensitive content. >> >> Sure, you can argue that there is nothing that an active attacker >> can't already get, but that's a little different to what we're getting >> here. > > How about tying this to CORS? If you already grant cross-origin access > to your Web content via CORS, can it be inferred you're happy to share > its content via screen sharing? > > Dom > > > -- "Si quieres viajar alrededor del mundo y ser invitado a hablar en un monton de sitios diferentes, simplemente escribe un sistema operativo Unix." – Linus Tordvals, creador del sistema operativo Linux
Received on Tuesday, 14 January 2014 15:47:37 UTC