You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Questions to Consider
3.1. Does this specification deal with personally-identifiable information? NO
3.2. Does this specification deal with high-value data? NO
3.3. Does this specification introduce new state for an origin that persists across browsing sessions? NO
3.4. Does this specification expose persistent, cross-origin state to the web? NO
3.5. Does this specification expose any other data to an origin that it doesn’t currently have access to? NO
3.6. Does this specification enable new script execution/loading mechanisms? NO
3.7. Does this specification allow an origin access to a user’s location? NO
3.8. Does this specification allow an origin access to sensors on a user’s device? NO
3.9. Does this specification allow an origin access to aspects of a user’s local computing environment? YES - it allows it to affect the DSCP codepoints used on outgoing packets, and will therefore allow the application to figure out how DSCP codepoints are handled in the user's networking environment.
3.10. Does this specification allow an origin access to other devices? NO
3.11. Does this specification allow an origin some measure of control over a user agent’s native UI?
(showing, hiding, or modifying certain details, especially if those details are relevant to security)? NO - it has no UI.
3.12. Does this specification expose temporary identifiers to the web?
(e.g. TLS features like Channel ID, session identifiers/tickets, etc)? NO
3.13. Does this specification distinguish between behavior in first-party and third-party contexts?
Section 2.1 of [FIRST-PARTY-ONLY] defines "first-party" in line with existing browser behavior (Chrome and Firefox). NO
3.14. How should this specification work in the context of a user agent’s "incognito" mode? It does not interact with "incognito" mode.
3.15. Does this specification persist data to a user’s local device? NO
3.16. Does this specification have a "Security Considerations" and "Privacy Considerations" section?
NO - the security properties do not change compared to the full WebRTC spec.
3.17. Does this specification allow downgrading default security characteristics? NO
The text was updated successfully, but these errors were encountered:
This has been created by cut-and-paste from
https://www.w3.org/TR/security-privacy-questionnaire/, as requested in the TAG review instructions.
3.1. Does this specification deal with personally-identifiable information? NO
3.2. Does this specification deal with high-value data? NO
3.3. Does this specification introduce new state for an origin that persists across browsing sessions? NO
3.4. Does this specification expose persistent, cross-origin state to the web? NO
3.5. Does this specification expose any other data to an origin that it doesn’t currently have access to? NO
3.6. Does this specification enable new script execution/loading mechanisms? NO
3.7. Does this specification allow an origin access to a user’s location? NO
3.8. Does this specification allow an origin access to sensors on a user’s device? NO
3.9. Does this specification allow an origin access to aspects of a user’s local computing environment? YES - it allows it to affect the DSCP codepoints used on outgoing packets, and will therefore allow the application to figure out how DSCP codepoints are handled in the user's networking environment.
3.10. Does this specification allow an origin access to other devices? NO
3.11. Does this specification allow an origin some measure of control over a user agent’s native UI?
(showing, hiding, or modifying certain details, especially if those details are relevant to security)? NO - it has no UI.
3.12. Does this specification expose temporary identifiers to the web?
(e.g. TLS features like Channel ID, session identifiers/tickets, etc)? NO
3.13. Does this specification distinguish between behavior in first-party and third-party contexts?
Section 2.1 of [FIRST-PARTY-ONLY] defines "first-party" in line with existing browser behavior (Chrome and Firefox). NO
3.14. How should this specification work in the context of a user agent’s "incognito" mode? It does not interact with "incognito" mode.
3.15. Does this specification persist data to a user’s local device? NO
3.16. Does this specification have a "Security Considerations" and "Privacy Considerations" section?
NO - the security properties do not change compared to the full WebRTC spec.
3.17. Does this specification allow downgrading default security characteristics? NO
The text was updated successfully, but these errors were encountered: