- From: <bugzilla@jessica.w3.org>
- Date: Tue, 13 Aug 2013 05:29:31 +0000
- To: public-html-bugzilla@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=22909 --- Comment #1 from Glenn Adams <glenn@skynav.com> --- Propose the following draft text, to be added as a new top level section or a sub-section of the Introduction. Note that this proposal is little more than an outline intended to be elaborated after further discussion in the TF. X Security Considerations This section is non-normative. X.1 Security considerations for EME Implementers User agents should take measures to prevent unauthorized access to initialization data, key data, or decrypted media data. X.2 Security considerations for EME Users While this API provides a means to develop applications that make use of protected media content, it does not, by itself, ensure that no unauthorized access occurs to initialization data, key data, or decrypted media data. While the API in this specification provides a means to use keys, it makes no statements as to how the actual keying material will be stored by an implementation. As such, although a key may be inaccessible to web content, it should not be presumed that it is inaccessible to end-users. -- You are receiving this mail because: You are the QA Contact for the bug.
Received on Tuesday, 13 August 2013 05:29:32 UTC