On Oct 29, 2015, at 3:04 PM, Eric Rescorla <ekr@rtfm.com> wrote: > > I'm not > very versed in IETF process and Specification writing. But aren't those > reflecting the requirements from Stephen during review asking for MUST revoke? > > I don't recall any decision to add normative text for MUST revoke. However, > despite that, both browsers allow this. If someone wanted to send a PR > for that text, I would be fine with that. I believe Rigo is referring to this text in RFC 7478: The browser must provide mechanisms for users to revise and even completely revoke consent to use device resources such as camera and microphone. http://tools.ietf.org/html/rfc7478#section-4.2 <http://tools.ietf.org/html/rfc7478#section-4.2> If, to comply with that, we should add a requirement to draft-ietf-rtcweb-security-arch for revocation, which it sounds like implementing browsers already support, just let us know where to send the pull request. —NickReceived on Thursday, 29 October 2015 06:15:53 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:26:34 UTC