lists some of the risks we want to avoid in implementations.

The basic model is that the website tells the UA what kinds of devices
it can productively connect to, and then the UA presents the user a
dialog from which to pick the particular device(s) to pair with the
website. Sites can never ask for global bluetooth access, and for
initial versions of the API, at least, we won't let them ask for an
entire class of devices at once. (It's possible a specially designed
class of devices could get around this by pretending to all be a
single device.)

There's a risk of websites attacking devices through this API. This is
currently mitigated by avoiding access to streaming protocols that
require the device to include a parser, and allowing access to the
GATT format, which defines key/value pairs. It's still likely that
some devices will be vulnerable to GATT messages, and we'll need to
keep consulting with various security teams to see whether that risk
is acceptable.

The third risk, of tracking the user through unique Bluetooth IDs, is
described in the current spec.

Is that the sort of answer you were looking for?


On Sat, Aug 23, 2014 at 12:46 AM, Jonas Sicking <> wrote:
> The main question that I have is what is the security model?
> The security section of the spec is very light.
> / Jonas
> On Aug 22, 2014 6:34 PM, "Jeffrey Yasskin" <> wrote:
>> We have a draft API for Bluetooth device access at
>>, for which I'm planning to
>> send a Blink Intent to Implement email soon. The spec isn't really up to
>> web standard quality yet: we're planning to refine it as we get feedback
>> from implementation and experimental use. However, we'd still appreciate
>> any feedback this group has on the current draft.
>> Feedback as issues at
>> will be easiest to incorporate. Feedback as replies to this email is still
>> welcome. Participation at
>> is even more
>> welcome. :)
>> Thanks,
>> Jeffrey Yasskin
>> P.S. I'll ping Monday so this doesn't get lost over the weekend, but want
>> to give anyone a chance to comment early if you want.

Reply via email to