From 5fa3537aa3757dcfcafa25c2e6b4392842d027c3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Beaufort?= Date: Mon, 23 May 2022 13:42:22 +0200 Subject: [PATCH 1/4] Add security considerations section --- brightness-mode-explainer.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/brightness-mode-explainer.md b/brightness-mode-explainer.md index 616c285..6a8f272 100644 --- a/brightness-mode-explainer.md +++ b/brightness-mode-explainer.md @@ -121,6 +121,14 @@ Some form of "scannable element" property. When an element with said property is * ``` +## Security considerations + +- The API is available to secure browsing contexts. + +- The screen brightness can be controlled only in response to a user gesture to ensure user retain control over their screen brightness. This prevents a situation where a site increases screen brightness every time the system or user overrides it manually. + +- If the page visibility becomes hidden after screen brightness has been increased, the screen brightness should be restored automatically. + ## Past discussions - https://github.com/WICG/proposals/issues/17 - https://github.com/w3c/screen-wake-lock/issues/129 From 5bcb6836204824a12cf18b4540408a93bc4ad6ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Beaufort?= Date: Tue, 24 May 2022 09:38:19 +0200 Subject: [PATCH 2/4] Removed some opened design issues --- brightness-mode-explainer.md | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/brightness-mode-explainer.md b/brightness-mode-explainer.md index 6a8f272..d3f9dea 100644 --- a/brightness-mode-explainer.md +++ b/brightness-mode-explainer.md 
@@ -21,14 +21,8 @@ The following issues remain open for discussion: - How bright is too bright? Consider 100% brightness with HDR displays, for example. - Take a discrete or continuous value? - Related to whether script should be allowed to reduce brightness. - - Permission model - - Would it require a user gesture (request but not consume it)? - - While brightness changes - - What if users change the brightness level while the lock is held? - When dropping a screen brightness request - - Does the UA have to restore the previous brightness level? - - What about external displays? Do UAs need to keep track of levels for each display? - - Should script be allowed to "hold the lock" indefinitely? + - What about external displays? Do UAs need to keep track of levels for each display? ## Goals From 6444c92bfa8c27f756678aea9919c2a2713a7d7a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Beaufort?= Date: Tue, 24 May 2022 16:37:15 +0200 Subject: [PATCH 3/4] Add more consideration --- brightness-mode-explainer.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/brightness-mode-explainer.md b/brightness-mode-explainer.md index d3f9dea..4dc413d 100644 --- a/brightness-mode-explainer.md +++ b/brightness-mode-explainer.md @@ -123,6 +123,8 @@ Some form of "scannable element" property. When an element with said property is - If the page visibility becomes hidden after screen brightness has been increased, the screen brightness should be restored automatically. +- To avoid possible user fingerprinting issues, the request to control screen brightness shall not indicate to the site if the actual screen brightness has changed or not. + ## Past discussions - https://github.com/WICG/proposals/issues/17 - https://github.com/w3c/screen-wake-lock/issues/129 From 81bea559db7e4c3ae6524b8d833ad4dc01c1e836 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Fran=C3=A7ois=20Beaufort?= Date: Wed, 25 May 2022 09:36:44 +0200 Subject: [PATCH 4/4] Address will's feedback --- brightness-mode-explainer.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/brightness-mode-explainer.md b/brightness-mode-explainer.md index 4dc413d..5ba6156 100644 --- a/brightness-mode-explainer.md +++ b/brightness-mode-explainer.md @@ -123,7 +123,9 @@ Some form of "scannable element" property. When an element with said property is - If the page visibility becomes hidden after screen brightness has been increased, the screen brightness should be restored automatically. -- To avoid possible user fingerprinting issues, the request to control screen brightness shall not indicate to the site if the actual screen brightness has changed or not. +- To avoid possible user fingerprinting issues, when the request to control screen brightness is denied, a site should not be able to detect the exact reason why it happened. In other words, a generic `NotAllowedError` DOMException should be raised when there is no user gesture or battery level is too low for instance. + +- If the screen brightness is at its maximum and a site requests a brighter screen, the request should succeed anyway so that it can't infer the screen brightness. ## Past discussions - https://github.com/WICG/proposals/issues/17
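Review bot: In [PATCH 1/4], the first bullet of the new "Security considerations" section ("The API is available to secure browsing contexts.") does not state a restriction as written. If the intent is to limit the feature to secure contexts, say "available only in secure contexts". In the second bullet, "to ensure user retain control" should read "to ensure users retain control".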
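Review bot: In [PATCH 2/4], the hunk at -21,14 +21,8 deletes the open questions "What if users change the brightness level while the lock is held?" and "Should script be allowed to "hold the lock" indefinitely?", but the Security considerations text added in [PATCH 1/4] does not answer either. It mentions a manual override only as the rationale for requiring a user gesture and sets no limit on how long a request may be held. Either keep these two items in the open list or add a bullet that resolves each one. The deleted user-gesture question also asked whether the gesture is consumed ("request but not consume it"), and the new section does not say.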
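Review bot: In [PATCH 3/4], the added fingerprinting bullet uses "shall" while the context bullet directly above it in the same hunk uses "should" ("the screen brightness should be restored automatically"). Pick one normative keyword for the section. The bullet also says what the request must not reveal without saying what the site observes instead, so a reader cannot tell whether the request succeeds or fails when the actual brightness did not change.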
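Review bot: In [PATCH 4/4], replacing the [PATCH 3/4] bullet drops the general rule that a request does not indicate whether the actual screen brightness changed. The two new bullets cover only the denial path and the case where brightness is already at its maximum. Consider keeping the general statement and presenting the maximum-brightness case as one instance of it. The replacement bullet also introduces "battery level is too low" as a denial reason that nothing else in the visible explainer text defines, and "for instance" leaves open which conditions map to `NotAllowedError`. State that every denial reason raises the same error.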