[Bug 22901] Needs a security consideration section that at least considers the possibility of active (executable) content from bugzilla@jessica.w3.org on 2013-08-08 (public-html-bugzilla@w3.org from August 2013)

From: <bugzilla@jessica.w3.org>
Date: Thu, 08 Aug 2013 23:24:40 +0000
To: public-html-bugzilla@w3.org
Message-ID: <bug-22901-2486-2CZfAwKwHe@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=22901

Glenn Adams <glenn@skynav.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|INVALID                     |---
            Summary|Clarification regarding a   |Needs a security
                   |potential CDM capable of    |consideration section that
                   |running arbitrary code      |at least considers the
                   |                            |possibility of active
                   |                            |(executable) content

--- Comment #6 from Glenn Adams <glenn@skynav.com> ---
I have created a new issue 2 [1], addressing the need to provide an informative
section on security considerations, perhaps drawing on the text of the same
section in the draft WebCrypto ED [2].

I think it is reasonable to address the issue of the possibility of active
content.

As such, I am reopening this bug, and changing its title to reflect the
underlying issue.

[1] https://www.w3.org/html/wg/media/track/issues/2
[2]
https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/Overview.html#security

-- 
You are receiving this mail because:
You are the QA Contact for the bug.

Received on Thursday, 8 August 2013 23:24:41 UTC