Re: User media constraint: peerIdentity

On 23 October 2012 14:40, Li Li <Li.NJ.Li@huawei.com> wrote:
> This is an interesting idea. But I wonder how browsers can prevent a page from using any post-processing API [1] to access the constrained media stream.

It's fairly straightforward.  Tag the media stream, and refuse to
permit any operation on that media stream *except* sending to an
authenticated RTCPeerConnection.

> Do we require those APIs to be aware of peerIdentity and refuse any such constrained media streams?

Yes.  To the extent that failure is a possibility and reporting that
failure is probably necessary.  This would introduce a new failure
mode to each of those APIs.  Most of the awareness would be attached
to the stream itself.  Of course, the extent to which this is possible
depends on the details of the browser implementation.  I imagine that
this could be made very difficult to achieve.

Received on Tuesday, 23 October 2012 21:49:59 UTC