- From: Francois Daoust <fd@w3.org>
- Date: Wed, 01 Jul 2015 15:53:58 +0200
- To: Anne van Kesteren <annevk@annevk.nl>
- CC: TAG <www-tag@w3.org>, "public-secondscreen@w3.org" <public-secondscreen@w3.org>
On 2015-07-01 13:17, Anne van Kesteren wrote: > On Wed, Jul 1, 2015 at 11:55 AM, Francois Daoust <fd@w3.org> wrote: >> 1. Security requirements for the messaging channel >> ----- >> The Presentation API is agnostic of the protocol used for the messaging >> channel as long as it is capable of carrying DOMString payloads in a >> reliable and in-order fashion. A user agent could perhaps communicate with >> the second device using the WebSockets protocol or a WebRTC data channel. > > How can you leave this undefined? That would mean you don't have > interoperability across user agents and users would need to get all > their products from one vendor. I should probably have spelled out that issue more explicitly. Interoperability is certainly a problem that all group participants have in mind. The group wants to remain agnostic of the underlying protocols as much as possible, but experience gathered once first prototype implementations are out will show to what extent that is wishful thinking. Even if the specification ends up mandating support for specific discovery and communication protocols, it would still make sense to allow user agents to support additional ones. How can we formulate security requirements for such cases? > > >> However, when the controlling page is loaded in a secure context, the spec >> should set some guarantees of message confidentiality and authenticity >> ("only secure WebSockets"). Do you have suggestions on ways to specify >> security requirements in a generic manner? > > This seems hard since typically devices don't have a DNS name for > which you could issue a certificate. Indeed. Isn't it possible in the WebRTC/RTCWeb world to establish an encrypted data channel between two such peers without authentication? > > >> 2. Private mode browsing for the presenting context >> ----- >> While the controlling device will be a "private" device, the presenting >> device will often be a "shared" device, perhaps a TV set or HDMI dongle in a >> household, or a remote screen in a meeting room. To protect the controlling >> user's privacy, the group would like to require the presenting user agent to >> load the presentation URL in private mode. > > How would this work for games? Games typically have large assets we > would not want to load anew each time you play. It would be pretty > disastrous if each time you want to do some gaming you have to wait a > couple of hours for all the assets to load on your TV. This would not work for games and that has indeed been raised in the past (for reference, see similar discussion from last year, which includes points about UX for games but also in other situations on the mailing-list of the Second Screen CG that gave birth to the WG at [1]). However, current implementers, Google and Mozilla in particular, will load presentations in private mode browsing. Francois. [1] https://lists.w3.org/Archives/Public/public-webscreens/2014Aug/0012.html
Received on Wednesday, 1 July 2015 13:54:08 UTC