Re: [mediacapture-main] fixed, per origin, device ID creates tracking risk (#607)

> frame A sets cookie C on day 3. Lifetime is capped by client to 7 days

You mean only lifetime of C is capped here? Or does this extend B's lifetime? I'll assume the former.

> What is the the state of the device Ids on day 7, 8 and 14?

Cleared on day 9 (7 days after first creation), if I got your cookie logic right.

> Can you clarify if there is a functionality loss by one of the more privacy preserving alternatives?

The point of the deviceId is to let JS recognize a previously used device even if it's been disconnected and reinserted since last visit.

Double-keying deviceIds without double-keying cookies would break

GitHub Notification of comment by jan-ivar
Please view or discuss this issue at using your GitHub account

Received on Wednesday, 24 July 2019 23:32:52 UTC