Re: [mediacapture-main] A privacy concern of "Media Capture and Streams" (#630) from Jan-Ivar Bruaroey via GitHub on 2019-10-20 (public-webrtc-logs@w3.org from October 2019)

From: Jan-Ivar Bruaroey via GitHub <sysbot+gh@w3.org>
Date: Sun, 20 Oct 2019 23:13:22 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issue_comment.created-544302753-1571613201-sysbot+gh@w3.org>

> Is this double keyed? My understanding is yes, that the spec requires permissions to be double keyed.

I believe Chrome grants to top-level origin, which delegates permission through feature policy. This is what Firefox plans to implement as well.

The benefits are comparable to double-keying: no permissions are persisted to the iframe's origin, by itself or across different top-level origins.

-- 
GitHub Notification of comment by jan-ivar
Please view or discuss this issue at https://github.com/w3c/mediacapture-main/issues/630#issuecomment-544302753 using your GitHub account

Received on Sunday, 20 October 2019 23:13:24 UTC