Re: Hints argument & privacy concerns

On Jan 20, 2012, at 12:08 AM, Travis Leithead wrote:
> Regarding the fingerprinting issue with enumeration of devices/characteristics--I understand that the risk of enumeration is in providing it _before_ user approval, right? So, what if it's available only _after_ user approval? (e.g., first the developer hints at what they want, then the user selects a device, then the developer can verify if the user's choice is suitable for the application and fail/succeed at that point?)

This would alleviate some concerns, but not completely, as it depends entirely on *how* the user-agent ends up asking the user for permission. I'm not sure how we could enforce that in the standard given the wide variety of devices that hope to implement this API.

For example, if UAs only show a preview of the currently selected camera during the consent step, we might break user expectations by letting the website enumerate all cameras anyway (i.e. preview shows user-facing camera, which I am ok with sharing, but not my other camera). Will a website be able to switch the streams to another camera without triggering another dialog?

Part of this discussion is to see if we can come up with an API that supports all use cases without placing excessive requirements on how the UA should ask for consent (e.g. by placing a requirement that previews for all cameras that will be shared with the web page be shown to the user).

If that's not possible, then I'm certainly open to figuring out how to safely provide enumeration of capabilities and devices to the web page. However, I think we should lean on the side of hints until it has been thoroughly discarded as unworkable by applications.

-Anant

Received on Monday, 23 January 2012 04:50:01 UTC