I can't tell if it is more or less trust worthy - that's the point - but there are many more ways that a uuid could arrive in my app and be manipulated/tracked on the way. An opaque token ensures that it was minted in this user agent, for this user, in this session and gives you a bunch of origin info too. It can't be tracked or correlated, this makes it much easier to reason about security or lack thereof. -- GitHub Notification of comment by steely-glint Please view or discuss this issue at https://github.com/w3c/mediacapture-region/issues/46#issuecomment-1165429295 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-configReceived on Friday, 24 June 2022 10:18:58 UTC
This archive was generated by hypermail 2.4.0 : Saturday, 6 May 2023 21:19:57 UTC