- From: Philip Jägenstedt <philipj@opera.com>
- Date: Mon, 13 Jan 2014 11:47:53 +0700
- To: Ami Fischman <fischman@chromium.org>
- Cc: WHATWG <whatwg@whatwg.org>, Ian Hickson <ian@hixie.ch>
On Thu, Dec 19, 2013 at 2:45 PM, Ami Fischman <fischman@chromium.org> wrote: > On Wed, Dec 18, 2013 at 8:38 PM, Ian Hickson <ian@hixie.ch> wrote: > >> On Tue, 17 Dec 2013, Ami Fischman wrote: >> > Recently <https://www.w3.org/Bugs/Public/show_bug.cgi?id=23263> >> > Navigator acquired the ability to enumerate media output devices (in >> > addition to input devices): >> > >> http://dev.w3.org/2011/webrtc/editor/getusermedia.html#enumerating-devices >> What's the privacy story for this API? >> > > I don't follow public-media-capture but the spec above says: > > The method must only return information that the script is authorized to > access (TODO expand authorized). > > A narrow reading of that "authorized" would be "devices to which the user > has already granted access through getUserMedia" though I don't want to put > words in that group's mouth. Do you mean to make this per-origin as well? (It will require storing that information per-origin forever, or until some invisible timeout.) That seems about as restrictive as one could make it, but is the API going to actually be useful in this state? Philip
Received on Monday, 13 January 2014 04:48:20 UTC