- From: Harald Alvestrand <harald@alvestrand.no>
- Date: Mon, 29 Jun 2015 14:58:36 +0200
- To: public-media-capture@w3.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 06/29/2015 12:28 PM, Mike O'Neill wrote: > Rules about cookies were laid down at a time the privacy risks were not as clear. New APIs need to take into account what we have learnt since then and user’s increasing concerns about privacy. Of course you could add sections calling for UA UI to explain the risks, which would have to be spelled out as it is a new technology, but why not do better than that. The W3C has a responsibility to regain user’s trust in the platform. > > What is the reason for allowing unauthorised access to deviceID anyway? And why by third-parties? Two desired functionalities led to the current design: - - The number of devices of each type is considered important for UIs that adapt to the end system capabilities. - - An UI that is resumed (typically "reload" or a frequently used page) wants to be able to support "use this device again if it's still available; if not, present some other UI". (The specific exemplar issue involved an app that worked with a specialized video device; it made no sense in their context to continue working with "some other camera"). Just a reminder about content of discussion: We do engineering. We need to be precise about what issue we want solved, and how we figure out whether we have solved it or not. Especially since we are now a month beyond the end of Last Call on this document. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlWRQPEACgkQOMj+2+WY0F6tyACg6Cv1G5Hhlf2RGqM/WQ/W2gYC OoEAoK1cNNYh4rKTf0PcQ5tIzzlGGARP =Nw6B -----END PGP SIGNATURE-----
Received on Monday, 29 June 2015 12:59:11 UTC