W3C home > Mailing lists > Public > public-webappsec@w3.org > December 2017

Review of Media Capture from DOM Elements API from Web Application Security Working Group

From: Stefan Håkansson LK <stefan.lk.hakansson@ericsson.com>
Date: Sat, 2 Dec 2017 09:24:42 +0000
To: "public-webappsec@w3.org" <public-webappsec@w3.org>, "dveditz@mozilla.com" <dveditz@mozilla.com>, "mkwst@google.com" <mkwst@google.com>, "wseltzer@w3.org >> Wendy Seltzer" <wseltzer@w3.org>
CC: "webrtc-chairs@w3.org" <webrtc-chairs@w3.org>
Message-ID: <HE1PR07MB3418F08291D6B5AB21E725AEC93E0@HE1PR07MB3418.eurprd07.prod.outlook.com>
Dear Web Application Security Working Group,

The WebRTC Working Group is working toward publishing the Media Capture 
from DOM Elements API to Candidate Recommendation and is thus seeking 
review from a variety of groups of the document:

https://w3c.github.io/mediacapture-fromelement/

We are particularly interested on feedback from the Web Application 
Security Working Group on the impact on security (and the proposed 
mitigations) to the capability introduced with this spec (i.e. capturing 
what is rendered in a DOM element into a MediaStream, which in turn can 
be e.g. Recorded, transmitted in real time using WebRTC etc.). One 
specific area of interest regarding privacy is the handling of isolated 
or tainted content being rendered.

We of course also welcome feedback on any other aspect of the 
specification.

We would appreciate to receive feedback before January 12, 2018. We hope 
to request transition to Candidate Recommendation early next year.

If you have any comments, we prefer that you submit them as Github issues:

https://github.com/w3c/mediacapture-fromelement/issues

Alternatively, you can send your comments by email to 
public-mediacapture@w3.org.

Thanks,

For the WebRTC chairs,
Stefan Hakansson
Received on Saturday, 2 December 2017 09:41:22 UTC

This archive was generated by hypermail 2.3.1 : Saturday, 2 December 2017 09:41:24 UTC