Re: [mediacapture-region] Should we support strings in addition or in lieu of opaque identifiers? (#46)

> From the point of view of the recipient of a cropTarget (e.g. a video conference app), I claim it is much easier to be sure that it is genuinely from where it appears to be than a UUID string that may have been passed through several layers of servers. No amount of improvement of the rules on creation of the CropTarget UUID makes any difference to proof of provenance.

1. Assume you got a CropTarget/UUID and you're not sure of its origins. What compels you to use it?
2. Suppose you've used it. What are the ramifications? 
3. Suppose **for the sake of argument** that there are ramifications. What's compelling you to keep on using these untrusted CropTargets?

> It doesn't need to actually apply the UUIDs in a live capture, it still gets usage data.

So the video conferencing application would twist the arm of the entire Web by giving degraded service to those who do not comply with its demand to be tracked? What's more important for Wikipedia - their compliance with various regulations, or the off-chance that someone might be tab-sharing them? Your hypothetical video conferencing tracking-tyrant would find that:
1. Nobody is sending it any CropTargets.
2. All of its users have left for better products.
3. It's CEO is going to jail.

GitHub Notification of comment by eladalon1983
Please view or discuss this issue at using your GitHub account

Sent via github-notify-ml as configured in

Received on Saturday, 25 June 2022 09:11:55 UTC