#574: WebXR Lighting Estimation
Discussions
2021-01-Kronos
Dan: the XR stuff is notable for one of the risks being that it might make users physically ill, if it's implemented incorrectly, time lags, if the VR doesn't match head movement, there are actual real risks.
Rossen: seizures if done badly, it's very hard getting it right
Dan: thumbs up on security and privacy questionnaire, they did a good job
Rossen: we don't consider this to be exposing underlying platform config information do we? They are saying none. In general, do we consider hardware capabilities of underlying platforms as config data that is exposed?
Dan: so whether the platform itself supports this api at all?
Rossen: can I use this to fingerprint devices? in a different way that I couldn't before.
Dan: yeah, that could be expanded on here.
Rossen: I am assuming that they will probably come back... this is exposing lighting capabilities
Dan: there is a section in p&s considerations that says lighting estimation provides additional opportunities for side channel attacks and fingerprinting risks, discussed in this section
Rossen: it's great that it's there but not mentioned in the privacy questionnaire
Dan: They should have pointed to this section, they do link to it from the security and privacy self check response. Their mitigation against the fingerprinting risk is that the XR light probe should only be accessible during an active WebXR session, that's one mitigation.
Rossen: the rest is pretty straightforward. There's not a whole lot that is being exposed.
Dan: there's good information here about the .. it says in the explainer the mitigations against fingerprinting but looking to see if that information is reflected in the actual spec itself. There's a MUST in the explainer but that text does not appear in the spec. It probably does but using different wording.. it's not specifically called out in the privacy and security considerations section of the spec (which is non normative). That's one piece of feedback.
Rossen: you want to summarize this?
Dan: yeah. Other feedback?
Hi XR folks! Thanks for this review request. We note that the response to privacy & security section is great. One thing we felt was missing was the mitigation information on fingerprinting - which is actually discussed in the privacy & security considerations section of the **explainer**. And it also seems like there are requirements in the explainer - e.g. quantization - which do not actually appear in the spec itself?
Rossen: from my point of view it's really straightforward. The use case is valid. If you don't get light correctly then your experience sucks. ... I would add from a functional point of view the proposal seems like a great addition to XR
Dan: leaves comment
2021-02-22
Dan: we left feedback. Mitigations listed not spelled out in security and privacy self check adequately. They responded. Happy to close?
Rossen: I think so
Dan: propose closing at plenary
Opened Nov 19, 2020
HIQaH! QaH! TAG!
I'm requesting a TAG review of the WebXR Lighting Estimation API
"Lighting Estimation" is implemented by AR platforms using a combination of sensors, cameras, algorithms, and machine learning. Lighting estimation provides input to rendering algorithms and shaders to ensure that the shading, shadows, and reflections of objects appear natural when presented in a diverse range of settings.
Further details:
You should also know that...
N/a
We'd prefer the TAG provide feedback as (please delete all but the desired option):
🐛 open issues in our GitHub repo for each point of feedback