On 04/07/2014 06:20 PM, Ian Hickson wrote:
On Mon, 7 Apr 2014, Harald Alvestrand wrote:
On 04/02/2014 07:52 PM, Ian Hickson wrote:
On Mon, 3 Mar 2014, Ami Fischman wrote:
Looks like we're back in business:
Latest editor's draft:
http://dev.w3.org/2011/webrtc/editor/getusermedia.html
As a user, this scares me a lot. Why isn't it up to me to control
this? I don't understand the security model here at all. I don't want
random Web pages to know that they can pipe audio to the remote
speakers in my bedroom from my laptop, but if we just expose all the
audio output devices, that's exactly what will be possible.
Without a much clearer security model, I don't think it's a good idea
to add any APIs.
Would it make sense to group the access to sinks in with access to
sources - that is, "this page wants access to your cameras, microphones
and audio output devices"?
(either on a per-device basis or as an all-or-nothing prompting)
Wouldn't that be an implementation detail?
The details are an implementation detail.
Whether sinks should be treated at the same level as sources, higher
level or lower level of protection is probably a somewhat higher level
issue.
When I was first desigining the API for WebRTC (years ago, before it got
rather unceremoniously forked by the W3C), the security design I had come
up with was basically that the UA would show a panel of devices, and the
user would drag-and-drop them into the page to give the page access to
them. (Or equivalent UI, e.g. tapping on the relevant device icons to
activate them for the page.)
This was considered, but rejected.
The consensus opinion at WebRTC and MediaCapture seemed to be that the
ability to let an app say "which of these 5 microphones do you want?" is
more amenable to creating good apps than leaving this UI to the browser
chrome.
This would let me, as a user, specify that on my laptop YouTube can play
video on my TV (assuming we extend this stuff to support video over
Miracast/AirPlay/WiDi/DIAL/Chromecast/DLNA) while not allowing it to send
audio to my bedroom, while simultaneously having Amazon's Cloud Player
sending its music to my bedroom, but not allowing it to use my microphone.
