W3C home > Mailing lists > Public > public-device-apis@w3.org > November 2015

Re: [sensors] About securing sensors data

From: Tobie Langel via GitHub <sysbot+gh@w3.org>
Date: Tue, 10 Nov 2015 09:15:07 +0000
To: public-device-apis@w3.org
Message-ID: <issue_comment.created-155364867-1447146906-sysbot+gh@w3.org>
So as discussed F2F, the current design allows for this. For example, 
you could add an boolean `encrypted` member to the constructor's 
dictionary or pass the recipient's public key via the same mean. The 
sensor would then emit `OpaqueSensorReading` objects instead of 
regular ones, and the recipient only would be able to decrypt the 
data, the application then simply becoming a pipe for it.

So for example:

```js
var sensor = new HeartbeatSensor({ key: CARDIOLOGIST_PUBLIC_KEY });
var buffer = [];
sensor.ondata = (e) => {
    buffer.push(e.reading);
    if (buffer.length > 15) {
        fetch(CARDIOLOGIST_URL, { body: JSON.stringify(buffer) });
        buffer.length = 0;
    }
}
```

Now, I don't know what interest there is for something like this at 
this point, so it seems very early to bake it into this spec. Have you
 heard from implementors interested in enabling this use case?



-- 
GitHub Notif of comment by tobie
See https://github.com/w3c/sensors/issues/71#issuecomment-155364867
Received on Tuesday, 10 November 2015 09:15:09 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:07 UTC