- From: Eric Rescorla <ekr@rtfm.com>
- Date: Tue, 7 Oct 2014 09:09:36 -0700
- To: Justin Uberti <juberti@google.com>
- Cc: Stefan Håkansson LK <stefan.lk.hakansson@ericsson.com>, "public-media-capture@w3.org" <public-media-capture@w3.org>
- Message-ID: <CABcZeBMA_pZ4Lx2T5Jv--xoyGXLkFv5uAfqcN=gfPhSe+mk_gQ@mail.gmail.com>
On Tue, Oct 7, 2014 at 8:59 AM, Justin Uberti <juberti@google.com> wrote:

> I am not OK with this, as described, for three reasons:
> 1) there is already substantial incentive for apps to use authenticated
> origins, e.g. persistent permissions in chrome, browsers marking https
> origins favorably
>

Firefox also allows persistent permissions (I believe) FF 33 (due out mid-month), but only for HTTPS.

> 2) this breaks real, existing applications, e.g. http://webcamtoy.com/
> 3) makes trying/experimenting with webrtc difficult, e.g.
> http://jsfiddle.net, or http://localhost
>
> We still want to encourage HTTPS, of course, so I think it would be fine
> to have console warnings or similar methods of persuasion.
>

I agree with Justin's position. As Adam mentioned in another thread, it's hard to think of a clearer case of informed user consent, so this doesn't seem like it has special security benefit aside from the benefit of deprecating non-HTTPS everywhere.

Pre-warning: this has been debated extensively already, so I don't intend to engage in a lot of back and forth here unless something new is said. I'm only responding here to make clear that there's not consensus for this change.

-Ekr

> On Mon, Oct 6, 2014 at 10:35 PM, Stefan Håkansson LK <
> stefan.lk.hakansson@ericsson.com> wrote:
>
>> Following the recent discussion on the list, the Chairs detect that
>> there seems to be consensus to move to only allowing authenticated
>> origins (as defined in [1]) to use getUserMedia (both the callback and
>> Promise version).
>>
>> Please respond by Friday this week (Oct 10th) if you’re OK or Not OK
>> with this change (silence will be interpreted as being OK with it).
>>
>> Harald and Stefan
>>
>> [1]
>> https://w3c.github.io/webappsec/specs/mixedcontent/#is-origin-authenticated

Received on Tuesday, 7 October 2014 16:10:45 UTC