W3C home > Mailing lists > Public > public-geolocation@w3.org > September 2014

Re: Require authenticated origin for geolocation

From: Chris Palmer <palmer@google.com>
Date: Sun, 28 Sep 2014 11:53:19 -0700
Message-ID: <CAOuvq23BZWdyhCZDTVzsRpC__TFuoWkZKRvJvD6jE4p0ZK1pKQ@mail.gmail.com>
To: Anne van Kesteren <annevk@annevk.nl>
Cc: "Mandyam, Giridhar" <mandyam@quicinc.com>, Doug Turner <doug.turner@gmail.com>, Ryan Sleevi <sleevi@google.com>, public-geolocation <public-geolocation@w3.org>
On Sun, Sep 28, 2014 at 3:20 AM, Anne van Kesteren <annevk@annevk.nl> wrote:

>> May I ask why you did not suggest a similar 3-step plan of action for gUM?
>> It seems like an approach that can be adopted broadly within the W3C for
>> sensitive API’s.
> I have suggested they require TLS. So far it is taking a bit more to
> convince them, but I'm hopeful it will happen.

Strong Agree. getUserMedia and Geolocation are both great candidates
for secure/authenticated* origins only. We should draw up a timeline
for phasing it in.

* #include <debates/nomenclature.h>
Received on Sunday, 28 September 2014 18:53:46 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:51:09 UTC