W3C home > Mailing lists > Public > public-device-apis-log@w3.org > May 2017

Re: [sensors] Add mitigation strategy for skimming attacks when focus is lost.

From: Tobie Langel via GitHub <sysbot+gh@w3.org>
Date: Tue, 30 May 2017 17:57:33 +0000
To: public-device-apis-log@w3.org
Message-ID: <issue_comment.created-304958381-1496167052-sysbot+gh@w3.org>
> Algo is not linked to anything normative, referred once from informative section.

Well, that's incorrect, it's linked from https://w3c.github.io/sensors/#update-latest-reading.

> Moreover, whole focusing / visibility issue must be addressed properly by spec without detached non-normative algorithms.

I'm no sure what you mean.

> The only problem I see is that unfocusing is not specified in html spec.

Yes.

> Maybe it can be handled by defining it in this spec temporarily. It is implementable and we somehow specified it in WebNFC, not perfect, but useable (might be improved if needed).

Well, if this is really important to you, why don't you go-ahead and fix the HTML spec directly? That's a much better solution.

I agree this would be cleaner and match people's mental model better. But the current solution is as normatively correct as the desired one (which, as I said, can't be specified right now).

Get this fixed in the WHATWG HTML spec and I'll be super happy to fix it here.

In the meantime, I am not interested in replacing normatively correct text by a flaky solution.

-- 
GitHub Notification of comment by tobie
Please view or discuss this issue at https://github.com/w3c/sensors/pull/213#issuecomment-304958381 using your GitHub account
Received on Tuesday, 30 May 2017 17:57:40 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 12:18:53 UTC