- From: stefan hakansson via GitHub <sysbot+gh@w3.org>
- Date: Wed, 23 Mar 2016 08:57:47 +0000
- To: public-media-capture-logs@w3.org
stefhak has just created a new issue for
https://github.com/w3c/mediacapture-main:
== Is more needed regarding revocation? ==
This is part of Nick Doty's feedback after reviewing how his comments
during LC have been addressed. What Nick says:
"I believe there were open questions on both user-side revocation and
site-side revocation of persisted permissions.
On user-side revocation, Rigo had noted that RFC 7478 mandated user
agents provide the capability for users to revoke permissions, and we
weren't sure that had been translated into
draft-ietf-rtcweb-security-arch. I think I may have dropped the ball
on not creating a pull request on that point; if it's still useful for
me to do so, let me know. The Media Capture spec assumes that
user-side revocation is required, though I don't think it introduces
any specific normative requirement.
https://lists.w3.org/Archives/Public/public-media-capture/2015Oct/0061.html
I raised the concern that sites should also have a way to revoke
persisted permissions that they may have received, as one way of
limiting the risk to their users where they requested camera access in
a way that might have just been one-time and subsequently had a
security breach of some kind (like a reflected XSS attack). The wide
review document suggests this is resolved via the Permissions API:
> We reworked our permission system to be based on the Permission API,
> where revocation is addressed
However, I couldn't find any references to the Permissions API in the
Media Capture and Streams document. Is there any requirement or
expectation that user agents that implement the Media Capture spec
will also implement the corresponding Permissions API functionality?
Or an example for how sites can use the Permissions API to query or
revoke permissions using that API?
The current editor's draft of the Permissions API does include a
PermissionsDescriptor for camera and microphone, and a method for
revoking permissions. The Permissions API is at least under
development for both Chrome and Firefox:
https://platform-status.mozilla.org/#permissions
Although I don't think the current Firefox patch includes camera and
microphone among the supported permission names:
https://bugzilla.mozilla.org/show_bug.cgi?id=1105827
To the extent that it's unclear whether sites will be able to revoke
their Media Capture permissions using the Permissions API, I remain
concerned about this point. That said, maybe the fact that the
Permissions API editor's draft has included it is a promising sign and
the Privacy Interest Group could provide feedback on the Permissions
API regarding this point."
Please view or discuss this issue at
https://github.com/w3c/mediacapture-main/issues/334 using your GitHub
account
Received on Wednesday, 23 March 2016 08:57:50 UTC
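
The message above asks how a site could query or revoke its camera and microphone permissions through the Permissions API. The sketch below is an added example, not part of the original message or of either specification. It assumes an object shaped like `navigator.permissions`, with `query()` and the `revoke()` method from the editor's draft the message mentions, and it feature-detects `revoke()` because a user agent may not ship it. `dropPersistedMediaGrants` and `makeFakePermissions` are hypothetical names.

```javascript
// Added example. `permissions` is assumed to behave like navigator.permissions.
const MEDIA_PERMISSIONS = ['camera', 'microphone'];

// Queries each media permission and gives up any persisted grant, e.g. as part
// of a site's response after an XSS incident. Returns a per-permission report.
async function dropPersistedMediaGrants(permissions) {
  const report = {};
  for (const name of MEDIA_PERMISSIONS) {
    let status;
    try {
      status = await permissions.query({ name });
    } catch (err) {
      // A user agent that does not support this permission name rejects the query.
      report[name] = { before: 'unsupported', after: 'unsupported', revoked: false };
      continue;
    }
    const entry = { before: status.state, after: status.state, revoked: false };
    if (status.state === 'granted' && typeof permissions.revoke === 'function') {
      try {
        const updated = await permissions.revoke({ name });
        entry.after = updated.state;
        entry.revoked = updated.state !== 'granted';
      } catch (err) {
        // revoke() exists but was refused; the grant is still in place.
      }
    }
    report[name] = entry;
  }
  return report;
}

// Constructed stand-in for navigator.permissions so the block runs outside a browser.
function makeFakePermissions(initial, { withRevoke = true } = {}) {
  const state = { ...initial };
  const fake = {
    async query({ name }) {
      if (!(name in state)) throw new TypeError(`unknown permission: ${name}`);
      return { state: state[name] };
    },
  };
  if (withRevoke) {
    fake.revoke = async ({ name }) => {
      state[name] = 'prompt';
      return { state: state[name] };
    };
  }
  return fake;
}
```

In a page, the call would be `dropPersistedMediaGrants(navigator.permissions)`; an entry whose `before` is `granted` and whose `revoked` is `false` means the site could not withdraw the grant itself and the user-side revocation path is the only one left.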