W3C home > Mailing lists > Public > public-media-capture@w3.org > July 2013

Re: noaccess / peerIdentity as constraints

From: Martin Thomson <martin.thomson@gmail.com>
Date: Wed, 10 Jul 2013 09:28:50 -0700
Message-ID: <CABkgnnXVKv1n0ojK7sqx0DnB+8V4QoLFMUX4OQ8cc53xPt+dzA@mail.gmail.com>
To: Stefan HÃ¥kansson LK <stefan.lk.hakansson@ericsson.com>
Cc: Dominique Hazael-Massieux <dom@w3.org>, "public-media-capture@w3.org" <public-media-capture@w3.org>
On 9 July 2013 23:33, Stefan HÃ¥kansson LK
<stefan.lk.hakansson@ericsson.com> wrote:
> For the local use "noaccess" does not make a difference. The user can't
> in any way verify that all access to media is limited, the app does not
> get a shortcut to access microphone and camera. Basically the user has
> to trust the application used to apply "noaccess", and that would
> protect the media from being misused at any remote receiver.

No for local use, "noaccess" makes a very big difference.  Without it,
the JavaScript provided by the application can do anything it likes
with the data.  With it, the only option available is to render it in
a frame that consequently becomes inaccessible to the script.

Of course, that has no intrinsic value until the stream transits the network.

The constraints around this are such that a remote party who receives
the stream and the appropriate supporting signaling can make
assertions about where the data came from.  That is, the receiver of
such a stream, if they also protect the stream from modification (I
believe that we need to require this behavior, but can't find the
specific text that says as much...I'll raise an issue), can inform the
user with some confidence that the stream has not been modified by the
application.
Received on Wednesday, 10 July 2013 16:29:21 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:26:18 UTC