- From: Chris Palmer <palmer@google.com>
- Date: Wed, 8 Oct 2014 15:59:56 -0700
- To: Eric Rescorla <ekr@rtfm.com>
- Cc: Anne van Kesteren <annevk@annevk.nl>, Justin Uberti <juberti@google.com>, Stefan HÃ¥kansson LK <stefan.lk.hakansson@ericsson.com>, "public-media-capture@w3.org" <public-media-capture@w3.org>
On Wed, Oct 8, 2014 at 3:04 PM, Eric Rescorla <ekr@rtfm.com> wrote: > I think perhaps you are misunderstanding the way that gUM works. > gUM just provides the JS with a handle to a media stream. That media > stream is not (by default) sent over the wire, but is just local to the > users > machine. So, the relevant question is how the Web application handles > that stream. This is explained in detail in the rest of the message you are > quoting here. > > http://lists.w3.org/Archives/Public/public-media-capture/2014Oct/0117.html As you note, the JavaScript could record and exfiltrate the media. If the JavaScript came from a source lacking authentication and integrity protection, there is no reason for users to believe that the JavaScript is honest and does what the user expects or desires. Nor is there any way for users to attribute bad behavior to any particular web origin, if an authenticate origin abused the user's trust.
Received on Wednesday, 8 October 2014 23:00:23 UTC