https://github.com/rtcweb-wg/security-arch
On Thu, Oct 29, 2015 at 3:15 PM, Nick Doty <npdoty@w3.org> wrote:
> On Oct 29, 2015, at 3:04 PM, Eric Rescorla <ekr@rtfm.com> wrote:
>
>
> I'm not
>> very versed in IETF process and Specification writing. But aren't those
>> reflecting the requirements from Stephen during review asking for MUST
>> revoke?
>>
>
> I don't recall any decision to add normative text for MUST revoke. However,
> despite that, both browsers allow this. If someone wanted to send a PR
> for that text, I would be fine with that.
>
>
> I believe Rigo is referring to this text in RFC 7478:
>
> The browser must provide mechanisms for users to revise and even
> completely revoke consent to use device resources such as camera and
> microphone.
> http://tools.ietf.org/html/rfc7478#section-4.2
>
> If, to comply with that, we should add a requirement
> to draft-ietf-rtcweb-security-arch for revocation, which it sounds like
> implementing browsers already support, just let us know where to send the
> pull request.
>
> —Nick
>