W3C home > Mailing lists > Public > public-media-capture-logs@w3.org > March 2016

Re: [mediacapture-main] Browsing sessions and device IDs

From: jan-ivar via GitHub <sysbot+gh@w3.org>
Date: Fri, 11 Mar 2016 17:49:31 +0000
To: public-media-capture-logs@w3.org
Message-ID: <issue_comment.created-195476025-1457718569-sysbot+gh@w3.org>
I think the PR goes too far. Here's what happened: In July, several of
 us confused "browser session" (browser-close, like session-cookies 
[3]) and "browsing session" (navigate away from page).

Firefox implements the former, i.e. clears temporary *pre-grant 
deviceIds* on browser shutdown (and last private browsing mode 

The spec added a clear definition later, retroactively applied to this
 language (not a great way to cement intentional consensus). Realizing
 the spec was now stricter than what Firefox implemented, I opened 
[Bug 1223773](https://bugzilla.mozilla.org/show_bug.cgi?id=1223773) to
 comply, which I did, but the patch never landed due to discussion in 
the bug (the bug is now open, so I encourage people to read it).

Therefore, changing "browsing session" to "browser session" (or 
whatever we want to call it), is the *minimal ask*. Anything else is 
bathwater and baby.

> I think that's rolling back a change that @jan-ivar asked for (if my
 memory's right, he was the one who wanted the ability to not store 
the device-id-salting cookie if no device had been opened in the 

If you recall, this solved last call feedback from privacy IG and 
contentious discussion from public backlash at the time [1] [2]. Do we
 really wish to reopen a privacy debate now?

[3] Interesting info on session cookies: 

GitHub Notification of comment by jan-ivar
Please view or discuss this issue at 
 using your GitHub account
Received on Friday, 11 March 2016 17:49:34 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:27:29 UTC