Ian: Come up with a story for apps using webrtc

[zenhack]

Related to #12, it would be nice if blocking the exfiltration hole provided by webrtc didn't prevent apps from making legitimate use of the functionality. Furthermore, right now (even without a block for that in place) if someone wanted to write a video conferencing app, they would run into the problem that iframes can't request mic & camera access, so I'd like to have some answer for how apps can do that sort of thing.

My ideal for this is that we'd be able to use postMessage() to transfer the relevant browser objects, so apps could request access to these from Sandstorm, much like they do for powerbox requests.

Related issue with w3c folks: w3c/webrtc-extensions#64

[zenhack]

Relevant changes to the specs have been merged:

• Add support for transferable MediaStreamTracks w3c/mediacapture-extensions#21
• Add data channel transferable algorithm w3c/webrtc-extensions#78

Once those are actually implemented in browsers, we can use postMessage() to transfer media devices and individual data channels.