[imsc] Security and Privacy section needs to change to reflect new font feature (#503) from Nigel Megitt via GitHub on 2019-10-16 (public-tt@w3.org from October 2019)

From: Nigel Megitt via GitHub <sysbot+gh@w3.org>
Date: Wed, 16 Oct 2019 13:44:24 +0000
To: public-tt@w3.org
Message-ID: <issues.opened-507862086-1571233463-sysbot+gh@w3.org>

nigelmegitt has just created a new issue for https://github.com/w3c/imsc:

== Security and Privacy section needs to change to reflect new font feature ==
Introducing the `#font` feature changes the security and privacy implications, since external resources can now be fetched, and previously they could not.

We need to update the section and complete a new [Security questionnaire](https://www.w3.org/TR/security-privacy-questionnaire/) to initiate horizontal review for security.

Apologies for catching this late, but better than never!

In terms of specific changes to the IMSC 1.2 draft, I suggest that we merely need to remove the TTML2 P.8 from the exception list in Appendix K.

Please view or discuss this issue at https://github.com/w3c/imsc/issues/503 using your GitHub account

Received on Wednesday, 16 October 2019 13:44:26 UTC