W3C home > Mailing lists > Public > public-media-capture@w3.org > December 2012

Re: How to check if permission denied?

From: Harald Alvestrand <harald@alvestrand.no>
Date: Thu, 06 Dec 2012 20:31:03 +0100
Message-ID: <50C0F277.1010903@alvestrand.no>
To: Martin Thomson <martin.thomson@gmail.com>
CC: "public-media-capture@w3.org" <public-media-capture@w3.org>
On 12/06/2012 06:40 PM, Martin Thomson wrote:
> On 6 December 2012 00:03, Harald Alvestrand <harald@alvestrand.no> wrote:
>> One mitigation strategy we discussed briefly in Lyon was to make failure on
>> unsatisfied constraints rate-limited
> I don't see that as satisfactory.  Either the information is really
> necessary, which means that applications will need to make a couple of
> tests quickly at page load time, or it is dangerous, in which case
> rate limiting isn't going to limit the damage enough to make any
> significant difference.  Yes, you can limit the damage, but only after
> the first few bits of fingerprint are recovered.
> We need to solve this problem.  I'm now more firmly resolved that
> mandatory constraints are bad.  The fingerprinting perspective is
> actually less interesting than the usability one.  The usability one
> is, to my mind, more serious than the concern that ekr raised with
> respect to synchronous gUM.
And, similarly from an usability perspective, I'm convinced that 
mandatory constraints are necessary.
One of us must be wrong.
> I'd like to get some face-to-face agenda time for this, because I
> don't see a conclusion until there is a sufficient force behind it.
Received on Thursday, 6 December 2012 19:31:31 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:26:13 UTC