W3C home > Mailing lists > Public > public-html-media@w3.org > August 2015

[encrypted-media] "tracked" sessions: when to persist "record of key usage" is not specified

From: None via GitHub <sysbot+gh@w3.org>
Date: Thu, 27 Aug 2015 18:21:27 +0000
To: public-html-media@w3.org
Message-ID: <issues.opened-103566296-1440699686-sysbot+gh@w3.org>
ddorwin has just created a new issue for 
https://github.com/w3c/encrypted-media:

== "tracked" sessions: when to persist "record of key usage" is not 
specified ==
Pull request #54 added text to section 7.5.2, the [Encrypted Block 
Encountered](https://w3c.github.io/encrypted-media/#encrypted-block-encountered)
 algorithm, that specifies modification of an entry of the "record of 
key usage". However, that record and the behavior around it is not 
specified. As has been [previously 
discussed](https://lists.w3.org/Archives/Public/public-html-media/2015Jun/0021.html),
 there are specific implementation requirements in order for such 
records to be useful to the author. These should be specified.

The method that is technically possible for most user agents involves 
storing such records in (tamper-resistant) memory then persisting the 
record when the license/keys are destroyed.

Therefore:
* The steps in 7.5.2 should have a Note to be clear that the data 
should not be persisted at that point.
* The algorithms related to license/key destruction should be updated 
to include persisting the "record of key usage." I believe this 
includes the Session Close algorithm and the remove() algorithm.

See https://github.com/w3c/encrypted-media/issues/82
Received on Thursday, 27 August 2015 18:21:28 UTC

This archive was generated by hypermail 2.3.1 : Thursday, 27 August 2015 18:21:28 UTC