W3C home > Mailing lists > Public > public-device-apis-log@w3.org > May 2017

Re: [sensors] Relation to Permissions API

From: raymeskhoury via GitHub <sysbot+gh@w3.org>
Date: Mon, 08 May 2017 03:23:28 +0000
To: public-device-apis-log@w3.org
Message-ID: <issue_comment.created-299764049-1494213807-sysbot+gh@w3.org>
> We (me and @alexshalamov) have a concern that introducing of low(high)-resolution mode will be quite confusing for web developers who will not know exactly which permission token is required for the functionality they intend to provide. Moreover, definition of high / low thresholds by the UA, would lead to fragmentation between browsers.

> Also for motion sensor we can hardly find a ‘safe’ zone for both frequency or accuracy (#98 (comment) ), search papers [ ALS, Motion sensors, Gyro ] tell that there can be vulnerabilities even at low frequencies.

> For ALS we do not really have the use cases requiring accurate readings (@tobie do we?), even rough data (10 - 100 lux accuracy) shall be enough for example for updating a web page style based on the surrounding illumination.

> We believe that for any sensor type the returned data can be rounded to the values which are good enough to implement the use cases, if it improves user’s security/privacy (this UA can decide), but there is no actual need for introducing any extra modes and permission tokens.

>From a permissions standpoint I agree with the sentiment above. I would much rather avoid having low/high precision modes if we can avoid it. It's complicated for developers and for user agents and I'm not convinced of the value of it (e.g. that it enables additional use cases or provides better security/privacy). 

-- 
GitHub Notification of comment by raymeskhoury
Please view or discuss this issue at https://github.com/w3c/sensors/issues/183#issuecomment-299764049 using your GitHub account
Received on Monday, 8 May 2017 03:23:35 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 12:18:53 UTC