W3C home > Mailing lists > Public > public-media-capture@w3.org > August 2013

Re: Proposal for output device selection

From: Silvia Pfeiffer <silviapfeiffer1@gmail.com>
Date: Tue, 20 Aug 2013 20:57:38 +1000
Message-ID: <CAHp8n2n1pCTVOMwh=L0qSxVVcvAjUeok4cxMabQKtFne5=eL2A@mail.gmail.com>
To: Harald Alvestrand <harald@alvestrand.no>
Cc: public-media-capture@w3.org
On Tue, Aug 20, 2013 at 6:21 PM, Harald Alvestrand <harald@alvestrand.no>wrote:

> On 08/19/2013 06:33 PM, Martin Thomson wrote:
>
>> On 19 August 2013 01:06, Tommy Widenflycht (ᛏᚮᛘᛘᚤ) <tommyw@google.com>
>> wrote:
>>
>>> I would like to see a separate permissions request for device enum which
>>> would solve all fingerprinting issues.
>>>
>> Sadly, I don't think that this improves security in any meaningful
>> way.  Nor do I believe that the benefits with respect to
>> fingerprinting resilience are as significant as some people believe.
>>
>> The main problem with requiring user consent for enumeration is that
>> it is very difficult to communicate effectively.  By which I mean that
>> it's very difficult to gain any significant confidence that the user
>> has understood and consented to the request.  And it's hard to
>> guarantee that requests of this nature don't become annoyances, which
>> is highly counterproductive.
>>
>
> Would it make more sense to have a separate "get permissions" call, which
> took as argument an explicit enumeration of the kinds of resources the
> script wanted (input devices, output devices, cameras, microphones, screen
> captures...)?
>
> Then it would be the job of the UA to figure out how to message the
> request for permissions appropriately, and there would only be (at most)
> one permissions prompt per origin as long as requested permissions did not
> change.
>
> For backwards compatibility with existing getUserMedia, we could say that
> getUserMedia implicitly called "get permissions"(audio if set, video if
> set) if "get permissions" hadn't been called before.
>
> (this came up in an offline conversation with Tommy; it's not my idea)



I think this sounds sensible. I'd certainly prefer to just ask the user for
access once per page load rather than once per resource.

Silvia.
Received on Tuesday, 20 August 2013 10:58:30 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:26:18 UTC