W3C home > Mailing lists > Public > public-media-capture@w3.org > October 2014

Re: Wild Tangent about Crypto (was Re: CfC: only allow authenticated origins to call getUserMedia)

From: Martin Thomson <martin.thomson@gmail.com>
Date: Wed, 8 Oct 2014 17:19:22 -0700
Message-ID: <CABkgnnVop47PmV2Ynt=ar+bteD5dWMjCfzKCC3aXwYzQiBjy+w@mail.gmail.com>
To: Chris Palmer <palmer@google.com>
Cc: Adam Roach <adam@nostrum.com>, Eric Rescorla <ekr@rtfm.com>, Anne van Kesteren <annevk@annevk.nl>, Justin Uberti <juberti@google.com>, Stefan HÃ¥kansson LK <stefan.lk.hakansson@ericsson.com>, "public-media-capture@w3.org" <public-media-capture@w3.org>
On 8 October 2014 16:14, Chris Palmer <palmer@google.com> wrote:
> It's a bit of a tangent, I agree. And I apologize for not making it
> clear that I believe all of these questions are intertwined:
> * Why should we pay the cost of developing and deploying a security
> mechanism if its guarantee is not strong enough to justify even a
> 1-bit a user-visible promise? Keep in mind that resources spent
> defeating purely passive attacks are resources that cannot be spent on
> stronger mechanisms.
> * Why should users trust an origin that cannot make a promise? (With
> their cameras and microphones?)
> * Why should we believe the cost differential between active and
> passive attack is large?

At this point, I'd request that the chair's truncate this tangent.

What is surprising here, is that this is one of the last places I
expected to see such a vehemently argued version of this argument.
We'll take every opportunity, I guess, when someone is wrong on the
Received on Thursday, 9 October 2014 00:19:49 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:26:30 UTC