Suggested topic: Permissions for peer-to-peer functionality

Spec links:

Peer to peer communication posits some unique challenges for permission mechanisms.

Unlike most Web mechanisms, it discloses information directly to another endpoint on the Internet, without going via a server - so the traditional "origin"-based model, while useful to validate applications, is straining to handle the case of peer to peer

communication.

We should explore:

- What kind of information is shared in peer to peer communication?

- What kind of vulnerabilities are opened up by peer to peer communication?

- Whether we should search for a common model of identity to identify peers?

- Whether (or when) it makes sense to use user prompts or browser chrome indicators to make the user aware of what's going on, and possibly ask permission?

This topic proposes no particular mechanisms. It is aimed at exploring the problem space.