- From: Jonas Sicking <jonas@sicking.cc>
- Date: Wed, 20 Aug 2014 15:41:28 -0700
- To: Francois Daoust <fd@w3.org>
- Cc: Anton Vayvod <avayvod@google.com>, John Mellor <johnme@google.com>, "mark a. foltz" <mfoltz@google.com>, "public-webscreens@w3.org" <public-webscreens@w3.org>, Marco Chen <mchen@mozilla.com>, Wesley Johnston <wjohnston@mozilla.com>, Evelyn Hung <ehung@mozilla.com>

On Wed, Aug 20, 2014 at 9:46 AM, Francois Daoust <fd@w3.org> wrote:
> With two different users, this suggests the problems that arise are privacy
> issues. Is it the case?
>
> If I understand things correctly, with the suggested presentation ID
> mechanism, a presentation session would be identified by the origin of the
> presentation app and a presentation ID, typically generated by the
> controlling app.
>
> In particular, in the 2-UA case, two different users will be able to
> (re-)connect to a running presentation as long as they have the right
> presentation ID. In the case when a first user leaves the presentation
> session opened, a second user can thus get access to the data left by the
> first one as long as the presentation session is opened, unless the
> controlling app takes care of that by using a user ID or an authentication
> token as presentation ID to control who can reconnect to the session.
>
> My point here is that the API does not distinguish between users but leaves
> that to the controlling application. Couldn't the presentation ID be used to
> scope data that outlives a presentation session such as cookies, cache, local
> storage?
>
> Note the reason why I insist on data being preserved is that it seems like a
> useful feature in many cases. After all, the very definition of Web Storage
> is "an API for *persistent* data storage" [1] and IndexedDB introduces
> itself on similar grounds [2].

Reconnecting to an existing session that's running on the TV will always continue to work. And the presentation page on the TV wouldn't lose any data when that happens, but would instead be able to continue to access any data that it was previously able to access.

With regards to allowing data to survive across newly created sessions, I would be fine with leaving this up to UA policies for now. It seems hard to enforce anything here given how wildly different various hardware platforms are right now. And how limited they are with regards to running arbitrary web content.

I definitely hope to get to a future where you can launch a website on a TV using the presentation API. But then somehow "install" that website to the TV. Both to enable it to use storage, but also to enable the user to access it without having to go through their mobile phone.

But I think all of that is outside of what we can require from the spec right now if we actually expect to get conforming implementations.

/ Jonas

Received on Wednesday, 20 August 2014 22:42:25 UTC