- From: Martin Thomson <martin.thomson@gmail.com>
- Date: Tue, 16 Jul 2013 09:39:26 -0700
- To: Harald Alvestrand <harald@alvestrand.no>
- Cc: "public-media-capture@w3.org" <public-media-capture@w3.org>
On 16 July 2013 07:15, Harald Alvestrand <harald@alvestrand.no> wrote: > > How does the information about whether or not the stream had the "noaccess" > constraint at the origin site get communicated to the receiver site, and > which component is going to be the guarantor of the authenticity of that > information? So, as I understand the proposal, the browser at the origin side applies the "noaccess" constraint and implicitly includes that in the identity assertion. That is, an identity assertion is only provided for protected streams. The receiver can know from the fact that there is an identity assertion in the signaling that the stream was protected from modification and (for peerIdentity) eavesdropping. I don't know if we've discussed having these signals being explicit. That is also a possibility. (I too have no good idea about the right venue for this particular discussion. It crosses boundaries.)
Received on Tuesday, 16 July 2013 16:39:53 UTC