W3C home > Mailing lists > Public > public-webrtc@w3.org > May 2018

Conformance (Re: Raw data API - 4 - direct RTP access)

From: Harald Alvestrand <harald@alvestrand.no>
Date: Thu, 31 May 2018 10:01:38 +0200
To: public-webrtc@w3.org
Message-ID: <14bc493d-2bb6-2075-df54-d8a9f30a39c1@alvestrand.no>
Den 30. mai 2018 20:06, skrev Peter Thatcher:
> You're advocating, then, for a high-level API.   On the flip side, an
> app should be allowed to do many non-standard or custom things as well. 
> And that requires a low-level API.  And that's the root of the tension
> between high- and low-level APIs: if you can control more, you have to
> do more.  
> What objection do you have in these things being provided by libraries
> instead of being baked in the browser?  

We're getting at an important point here - probably best thought of as
"security considerations".

If an app can do something, and can do it right or wrong, the overall
conformance of the system to a specification depends on the browser
doing it right AND the app doing it right.

If we take away the power of the app to do it wrong, overall conformance
of the system depends only on the browser doing it right.

There are cases where that matters (especially if you're selling into
places where certifications are taken seriously); there are cases where
it doesn't. Security is one of the areas where it matters; congestion
management is another.

The more the browser is supposed to guarantee, the more things need to
be kept away from the application. And vice versa - if we find that
things can't cause too much harm, the value of keeping them away from
the application becomes lower.
Received on Thursday, 31 May 2018 08:02:09 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:18:41 UTC