W3C home > Mailing lists > Public > public-webrtc@w3.org > March 2013

Re: [rtcweb] Notes on security for browser-based screen/application sharing

From: Harald Alvestrand <harald@alvestrand.no>
Date: Tue, 26 Mar 2013 23:27:01 +0100
Message-ID: <515220B5.7000101@alvestrand.no>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
CC: "Timothy B. Terriberry" <tterriberry@mozilla.com>, "rtcweb@ietf.org" <rtcweb@ietf.org>, "public-webrtc@w3.org" <public-webrtc@w3.org>
On 03/26/2013 10:15 PM, Stephen Farrell wrote:
>
> On 03/26/2013 09:00 PM, Timothy B. Terriberry wrote:
>> Stephen Farrell wrote:
>>> Are there other things on the user's device that might
>>> end up being shared? E.g. accelerometers or other sensors.
>>> There have been papers demonstrating that access to such
>>> information can reveal lots of things, e.g. passwords.
>> You mean like <https://bugzilla.mozilla.org/show_bug.cgi?id=681562>?
> Yep. Are the use-cases in webrtc for that kind of sensor
> data to be made available over the n/w or is it all handled
> locally?

I think the DAP WG in the W3C is the right place to address APIs for 
sensor data.
They're one of the parent WGs of the Media Capture Task Force, which is 
charged with getting the specs right for getusermedia, so one would 
assume they're aware of the discussions there.

But in my opinion, neither the WEBRTC WG nor the RTCWEB WG have this in 
their charters.

I advocate separation of concerns; if people want to work on this, go there.

>
> Ta,
> S.
>
>> _______________________________________________
>> rtcweb mailing list
>> rtcweb@ietf.org
>> https://www.ietf.org/mailman/listinfo/rtcweb
>>
>>
> _______________________________________________
> rtcweb mailing list
> rtcweb@ietf.org
> https://www.ietf.org/mailman/listinfo/rtcweb
Received on Tuesday, 26 March 2013 22:27:31 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 15:19:33 UTC