Re: [w3ctag/design-reviews] Captured Surface Control (Issue #962)

> We still feel the explainer needs more information on possible abuse cases and a bit more discussion of attack surface.

I have added a "Security and Privacy Considerations" section in the explainer. It simply links to the corresponding section in the spec, where this information actually lives, so as to avoid duplication.

> but in the mean time if you could bolster the current **security considerations doc** [Emphasis mine - Elad.]

Do I understand correctly, that you are asking for the information already in the spec ([this section](https://screen-share.github.io/captured-surface-control/#privacy-and-security-considerations)) to be replicated in [questionnaire.md](https://github.com/screen-share/captured-surface-control/blob/main/questionnaire.md)? I think it would be better to go with linking; maybe from section 2.18 to the spec's "Security and Privacy Considerations" section. Wdyt?

> As there's a lot going on UI-wise here

Could you please clarify which UI changes you are referring to? As far as I can tell, this spec does **not** deal with anything UX-related. Although bespoke user agent UX associated with these APIs is **possible**, this is completely up to the UA's discretion; a spec-compliant implementation is possible even without **any** additional user agent UX.

To clarify, [this mock](https://github.com/screen-share/captured-surface-control/blob/main/images/explainer/onboarding_mock_full_context.png) is of the **Web application's** possible UX, not the user agent's.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/962#issuecomment-2447905753
You are receiving this because you are subscribed to this thread.

Message ID: <w3ctag/design-reviews/issues/962/2447905753@github.com>