W3C home > Mailing lists > Public > public-webrtc@w3.org > January 2014

Re: [SPAM] Re: What is missing for building "real" services?

From: Martin Thomson <martin.thomson@gmail.com>
Date: Mon, 13 Jan 2014 10:13:11 -0800
Message-ID: <CABkgnnXodMOz-GDgbJpThyMJSXrwOLeMN3_nc+vG_pBktBJ56w@mail.gmail.com>
To: Tim Panton new <thp@westhawk.co.uk>
Cc: Silvia Pfeiffer <silviapfeiffer1@gmail.com>, Jan-Ivar Bruaroey <jib@mozilla.com>, public-webrtc <public-webrtc@w3.org>, Alexandre Gouaillard <agouaillard@gmail.com>, Randell Jesup <randell-ietf@jesup.org> 
On 13 January 2014 06:13, Tim Panton new <thp@westhawk.co.uk> wrote:
> Strikes me that a good short term default would be that https:// sites
> default
> to not supporting screenshot. http:// sites allow it, as do any that have
> the
> meta-screenshot tag set.

That's somewhat attractive, but I'm not sure that that is a good idea.
 We haven't proven unequivocally that http: pages don't contain
sensitive content.

Sure, you can argue that there is nothing that an active attacker
can't already get, but that's a little different to what we're getting
here.
Received on Monday, 13 January 2014 18:13:40 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:17:53 UTC