- From: Mark Watson <watsonm@netflix.com>
- Date: Tue, 18 Nov 2014 08:04:49 -0800
- To: "public-webappsec@w3.org" <public-webappsec@w3.org>
Received on Tuesday, 18 November 2014 16:05:16 UTC
All, I find the definition in terms of can X "use powerful features ?" problematic, because the term "powerful features" is undefined and also a matter of case-by-case judgement on the part of the responsible working groups. It may also be the case that different "powerful features" choose to use slightly different definitions. For example, Chrome's implementation of WebCrypto works only if the Document's origin is authenticated wheras it's been proposed that for EME any such restrictions be based on the origin of the top-level browsing context. One could also see this procedure as a kind of backwards *definition* of "powerful features", i.e. "Powerful Features are those features that may only be used if the following procedure returns "Allowed".", and then my comments are that it may not be only for this group to create such a definition. It would be better if the procedure were renamed in more concrete terms: "Is Document's origin authenticated ?" or "Is Document potentially trusted ?" etc. ...Mark
Received on Tuesday, 18 November 2014 16:05:16 UTC