Re: [w3ctag/design-reviews] Captured Surface Control (Issue #962) from Matthew Tylee Atkinson on 2024-10-30 (public-webapps-github@w3.org from October 2024)

From: Matthew Tylee Atkinson <notifications@github.com>
Date: Wed, 30 Oct 2024 01:40:54 -0700
To: w3ctag/design-reviews <design-reviews@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3ctag/design-reviews/issues/962/2446195385@github.com>

Thank you for your reply and all the info in the Explainer. We discussed this on our breakout today.
We still feel the explainer needs more information on possible abuse cases and a bit more discussion of attack surface. The security considerations talks about potential confusion, but doesn't talk about how the API could be abused by bad actors. So we recommend a security analysis (and there is a W3C process spinning up for this) but in the mean time if you could bolster the current security considerations doc with some discussion of abuse cases and mitigations that would great.
As there's a lot going on UI-wise here, we'd really like to see an 'Accessibility considerations' section in the Explainer (it's totally fine to use this section to show what the positives are) - please could you add one? Please also consider requesting a review from the APA WG: https://github.com/w3c/a11y-request/issues/new/choose

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/962#issuecomment-2446195385
You are receiving this because you are subscribed to this thread.

Message ID: <w3ctag/design-reviews/issues/962/2446195385@github.com>

Received on Wednesday, 30 October 2024 08:40:58 UTC