W3C home > Mailing lists > Public > public-media-capture@w3.org > August 2013

Re: Proposal for output device selection

From: Silvia Pfeiffer <silviapfeiffer1@gmail.com>
Date: Tue, 20 Aug 2013 20:57:38 +1000
Message-ID: <CAHp8n2n1pCTVOMwh=L0qSxVVcvAjUeok4cxMabQKtFne5=eL2A@mail.gmail.com>
To: Harald Alvestrand <harald@alvestrand.no>
Cc: public-media-capture@w3.org
On Tue, Aug 20, 2013 at 6:21 PM, Harald Alvestrand <harald@alvestrand.no>wrote:

> On 08/19/2013 06:33 PM, Martin Thomson wrote:
>> On 19 August 2013 01:06, Tommy Widenflycht (ᛏᚮᛘᛘᚤ) <tommyw@google.com>
>> wrote:
>>> I would like to see a separate permissions request for device enum which
>>> would solve all fingerprinting issues.
>> Sadly, I don't think that this improves security in any meaningful
>> way.  Nor do I believe that the benefits with respect to
>> fingerprinting resilience are as significant as some people believe.
>> The main problem with requiring user consent for enumeration is that
>> it is very difficult to communicate effectively.  By which I mean that
>> it's very difficult to gain any significant confidence that the user
>> has understood and consented to the request.  And it's hard to
>> guarantee that requests of this nature don't become annoyances, which
>> is highly counterproductive.
> Would it make more sense to have a separate "get permissions" call, which
> took as argument an explicit enumeration of the kinds of resources the
> script wanted (input devices, output devices, cameras, microphones, screen
> captures...)?
> Then it would be the job of the UA to figure out how to message the
> request for permissions appropriately, and there would only be (at most)
> one permissions prompt per origin as long as requested permissions did not
> change.
> For backwards compatibility with existing getUserMedia, we could say that
> getUserMedia implicitly called "get permissions"(audio if set, video if
> set) if "get permissions" hadn't been called before.
> (this came up in an offline conversation with Tommy; it's not my idea)

I think this sounds sensible. I'd certainly prefer to just ask the user for
access once per page load rather than once per resource.

Received on Tuesday, 20 August 2013 10:58:30 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:26:18 UTC