Re: Request for feedback: Media Capture and Streams Last Call from Joseph Lorenzo Hall on 2015-06-10 (public-privacy@w3.org from April to June 2015)

From: Joseph Lorenzo Hall <joe@cdt.org>
Date: Wed, 10 Jun 2015 09:07:28 -0400
To: Christine Runnegar <runnegar@isoc.org>
Cc: "norcie@cdt.org" <norcie@cdt.org>, "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Message-ID: <CABtrr-WA8fUsD6aPYvZ1HeJte+YBxuPJOrRoA3EfUKg23FzU-Q@mail.gmail.com>

Greg also has our own answers to the TAG questionnaire, if folks want
to see that. We found it very hard to use the questionnaire that Nick
started... although I'm starting to wonder if this [1] wasn't the
final form (given that it's got some obvious language flaws, etc.).
best, Joe

[1]: https://lists.w3.org/Archives/Public/public-privacy/2013AprJun/0004.html

On Wed, Jun 10, 2015 at 1:52 AM, Christine Runnegar <runnegar@isoc.org> wrote:
> Thank you very much Greg.
>
> We informed the Media Capture Task Force that we would be discussing this specification in our June call.
>
> Everyone, come prepared with your views on the draft to our next call (25 June) so that we can provide our collective feedback to the TF following the PING call.
>
> Greg, we look forward to your feedback on the questionnaire.
>
> Christine and Tara
>
>> On 4 Jun 2015, at 9:53 pm, Greg Norcie <gnorcie@cdt.org> wrote:
>>
>> Hi all,
>>
>> Sorry for the late reply.
>>
>> Overall, this spec looks really good, we at CDT just had a few small suggestions:
>>       • It would be nice if there was a simple, user friendly way to revoke consent for a stream (especially audio/webcam streams). As it currently stands, once consent is granted there doesn't seem to be simple way to revoke it.
>>       • In section 10.6, it is stated that persistent permissions must be be served over HTTPS and have no mixed content. It would be nice to see the "definition" of mixed content expanded to include the various issues mentioned in Bonneau's recent paper[1]. For example, if a site elects to use pinning, it should be considered to have mixed content if it loads non-pinned content.
>> Also, as an aside, we used the TAG questionnaire, and while it was very useful, we think it could use some tweaking. And in the spirit of open source, we'll be proposing some tweaks (probably sometime late next week)
>>
>> [1] http://www.jbonneau.com/doc/KB15-NDSS-hsts_pinning_survey.pdf
>>
>



-- 
Joseph Lorenzo Hall
Chief Technologist
Center for Democracy & Technology
1634 I ST NW STE 1100
Washington DC 20006-4011
(p) 202-407-8825
(f) 202-637-0968
joe@cdt.org
PGP: https://josephhall.org/gpg-key
fingerprint: 3CA2 8D7B 9F6D DBD3 4B10  1607 5F86 6987 40A9 A871

Received on Wednesday, 10 June 2015 13:08:18 UTC