- From: Harald Alvestrand <harald@alvestrand.no>
- Date: Sat, 04 Jul 2015 11:59:55 +0200
- To: public-media-capture@w3.org
On 07/04/2015 07:02 AM, Stefan Håkansson LK wrote: > On 04/07/15 00:16, Martin Thomson wrote: >> On 3 July 2015 at 12:32, Jan-Ivar Bruaroey <jib@mozilla.com> wrote: >>> What if we only persisted deviceIds after a successful gUM call? >> That's an interesting suggestion. I think that it's a good idea. > I agree. > Seems good on first glance. Does the persistence last until cookies are cleared? The only privacy consideration I can think of is that an origin can tell whether or not the user has (since last cookie clearing) given permission for any device in the past; I can't see an attack offhand that can be launched based on that information that wouldn't also be launchable by setting a cookie. -- Surveillance is pervasive. Go Dark.
Received on Saturday, 4 July 2015 10:00:28 UTC