W3C home > Mailing lists > Public > public-secondscreen@w3.org > November 2016

Re: [presentation-api] Consider checking for security context in the PresentationRequest constructor

From: François Daoust via GitHub <sysbot+gh@w3.org>
Date: Wed, 23 Nov 2016 10:06:59 +0000
To: public-secondscreen@w3.org
Message-ID: <issue_comment.created-262474457-1479895617-sysbot+gh@w3.org>
I'm not sure there are more discussions to point at regarding 
conclusions.

The minutes only summarize the joint Second Screen WG / @mikewest TPAC
 lunch, which was not minuted in itself. My recollection from the 
lunch is that it was deemed acceptable at the time not to require 
secure contexts for the Presentation API, and actually especially 
given the presence of a user prompt.

The point was also raised in a subsequent request for review sent to 
the WebAppSec Working Group shortly after our discussions at TPAC:
https://lists.w3.org/Archives/Public/public-webappsec/2015Nov/0064.html
... which did not lead to further comments.

We discussed various points with PING, but not that particular issue 
as far as I remember. Minutes of the main discussion with PING are at:
http://www.w3.org/2015/12/03-privacy-minutes.html#item02

-- 
GitHub Notification of comment by tidoust
Please view or discuss this issue at 
https://github.com/w3c/presentation-api/issues/362#issuecomment-262474457
 using your GitHub account
Received on Wednesday, 23 November 2016 10:07:12 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 23 November 2016 10:07:13 UTC