- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Wed, 10 Jul 2013 09:28:50 -0700
- To: Stefan HÃ¥kansson LK <stefan.lk.hakansson@ericsson.com>
- Cc: Dominique Hazael-Massieux <dom@w3.org>, "public-media-capture@w3.org" <public-media-capture@w3.org>
On 9 July 2013 23:33, Stefan HÃ¥kansson LK <stefan.lk.hakansson@ericsson.com> wrote: > For the local use "noaccess" does not make a difference. The user can't > in any way verify that all access to media is limited, the app does not > get a shortcut to access microphone and camera. Basically the user has > to trust the application used to apply "noaccess", and that would > protect the media from being misused at any remote receiver. No for local use, "noaccess" makes a very big difference. Without it, the JavaScript provided by the application can do anything it likes with the data. With it, the only option available is to render it in a frame that consequently becomes inaccessible to the script. Of course, that has no intrinsic value until the stream transits the network. The constraints around this are such that a remote party who receives the stream and the appropriate supporting signaling can make assertions about where the data came from. That is, the receiver of such a stream, if they also protect the stream from modification (I believe that we need to require this behavior, but can't find the specific text that says as much...I'll raise an issue), can inform the user with some confidence that the stream has not been modified by the application.
Received on Wednesday, 10 July 2013 16:29:21 UTC