W3C home > Mailing lists > Public > public-html@w3.org > February 2012

Re: Encrypting content stored on untrusted CDNs

From: Kornel Lesiński <kornel@geekhood.net>
Date: Wed, 29 Feb 2012 00:50:41 -0000
To: "Ian Hickson" <ian@hixie.ch>
Cc: "public-html@w3.org" <public-html@w3.org>
Message-ID: <op.wae0mru9te2ec8@aimac.local>
On Tue, 28 Feb 2012 23:09:58 -0000, Ian Hickson <ian@hixie.ch> wrote:

>    navigator.addKeyForURL('http://cdn.example.net/video123', mykey);
>    myVideo.src = 'http://cdn.example.net/video123';
>    myVideo.autoplay = true;
>
> The scoping for such a feature would be hard to specify though.

How about defining a new scheme which includes the key in the URL?

Example modeled on "password" part of HTTP URLs:

     myVideo.src = 'http+aes://' + escape(mykey) +  
':@cdn.example.net/video123';

Although not so pretty, it would readily work in all places where URLs do,  
including HTML markup.

-- 
regards, Kornel Lesiński
Received on Wednesday, 29 February 2012 00:51:08 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 9 May 2012 00:17:46 GMT