W3C home > Mailing lists > Public > public-webrtc-logs@w3.org > October 2019

Re: [mediacapture-main] A privacy concern of "Media Capture and Streams" (#630)

From: Jan-Ivar Bruaroey via GitHub <sysbot+gh@w3.org>
Date: Sun, 20 Oct 2019 23:13:22 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issue_comment.created-544302753-1571613201-sysbot+gh@w3.org>
> Is this double keyed? My understanding is yes, that the spec requires permissions to be double keyed.

I believe Chrome grants to top-level origin, which delegates permission through feature policy. This is what Firefox plans to implement as well.

The benefits are comparable to double-keying: no permissions are persisted to the iframe's origin, by itself or across different top-level origins.

GitHub Notification of comment by jan-ivar
Please view or discuss this issue at https://github.com/w3c/mediacapture-main/issues/630#issuecomment-544302753 using your GitHub account
Received on Sunday, 20 October 2019 23:13:24 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:22:29 UTC