
Re: Comments/Questions on Media Capture Streams – Privacy and Security Considerations

From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 29 Oct 2015 08:54:56 +0900
Message-ID: <CABcZeBObD0ZUe1EgrkU_ZaUzN1KxV600EuSMnq_m35qeN+_MVw@mail.gmail.com>
To: Rigo Wenning <rigo@w3.org>
Cc: "public-privacy (W3C mailing list)" <public-privacy@w3.org>, Martin Thomson <martin.thomson@gmail.com>, Nick Doty <npdoty@w3.org>, Mathieu Hofman <Mathieu.Hofman@citrix.com>, Harald Alvestrand <harald@alvestrand.no>, "public-media-capture@w3.org" <public-media-capture@w3.org>

On Thu, Oct 29, 2015 at 8:51 AM, Rigo Wenning <rigo@w3.org> wrote:

> On Friday 23 October 2015 16:29:42 Eric Rescorla wrote:
> > In fact the RTCWEB Security Architecture documents used to require that
> > the site opt-in to persistent permissions and there was strong consensus
> > to remove that requirement precisely because browsers weren't interested
> > in implementing it.
>
> We are repeating the geolocation experience where (mostly US-policy
> inspired) browsers were saying that they would only implement a one-time
> permission request to use your location and they would never ask again.
>

I'm not saying that. In fact, I've said several times that Firefox does the
opposite.


> My remark that the European Law here requires a permanent beacon to be shown
> as long as one is located was met with rather violent opposition and the
> requirement didn't make it into the Specification. But at the end of the
> day, everybody implemented the constant beacon as they wanted to ship in
> Europe.
>

Chrome and Firefox already show an indicator like this for gUM.



> I predict that if browsers do one time requests on WebRTC and it isn't a
> legal requirement yet in Europe to easily revoke it, it will become a legal
> requirement quickly.


Both Chrome and Firefox offer easy revocation.



> And this legal requirement will certainly be worse than
> doing it right in the first place. So while there may be an interest to
> benefit from the weak protections in some intermediate time, the refusal to
> implement will not be sustainable on the long run. It actually adds to the
> transatlantic unease. What is the gain to justify such important tradeoffs?


Your basic assumptions about how browsers behave appear not
to be accurate.

-Ekr
Received on Wednesday, 28 October 2015 23:56:04 UTC
