Re: [presentation-api] Security and privacy evaluation and considerations from Mark Foltz via GitHub on 2015-05-19 (public-secondscreen@w3.org from May 2015)

From: Mark Foltz via GitHub <sysbot+gh@w3.org>
Date: Tue, 19 May 2015 07:14:04 +0000
To: public-secondscreen@w3.org
Message-ID: <issue_comment.created-103376106-1432019643-sysbot+gh@w3.org>

In the corresponding [thread on 
public-webscreens](https://lists.w3.org/Archives/Public/public-secondscreen/2015May/0019.html),
 I summarized the open issues around security and privacy as follows:

1. Do the risk factors vs. utility/usability warrant restriction of 
the API as a whole to secure contexts?
2. Same question for specific features: e.g. capability filtering, and
 joining of existing sessions
3. Which features require user permission?
4. What are the fingerprinting risks from the API? How can they be 
mitigated?
5. Security requirements on the communication channel for 2-UA use
6. Behavior in incognito contexts
7. Behavior when the user clears browsing data

-- 
GitHub Notif of comment by mfoltzgoogle
See 
https://github.com/w3c/presentation-api/issues/45#issuecomment-103376106

Received on Tuesday, 19 May 2015 07:14:06 UTC