- From: <bugzilla@jessica.w3.org>
- Date: Mon, 18 Feb 2013 06:42:17 +0000
- To: public-html-bugzilla@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=20965
Henri Sivonen <hsivonen@iki.fi> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |hsivonen@iki.fi
--- Comment #5 from Henri Sivonen <hsivonen@iki.fi> ---
(In reply to comment #2)
> I think all communication that could result in a privacy concern is out of
> scope of the EME spec.
An overview of Adobe Access
https://www.adobe.com/support/adobeaccess/pdfs/server/AdobeAccess_4_Overview.pdf
and the PlayReady Compliance Rules
http://download.microsoft.com/download/7/8/8/788478CC-74A3-4BFE-8CBE-07D80218658B/Compliance_Rules_for_PlayReady_Final_Products_19_December_2012.doc
indicate that both systems have keys that are unique to a given computer or
device (not just device model).
To the extent such unique key participates in some detectable way in the key
exchange dance that happens in the messages that are opaque to EME itself, such
a unique key could be used as an exceptionally strong super cookie (hyper
cookie?). That is, serving a trivial media file that triggers key exchange
could be used by Web sites to make browsers reveal uniquely identifying
information to any site on the Web enabling unprecedentedly reliable tracking
of users across the Web.
Since such uniquely identifying keys seem to be common enough a characteristic
of DRM systems that one can find such a characteristic in a couple of DRM
systems with large installed bases by a quick inspection of public
documentation, it seems reasonable to assume that the characteristic can be
expected to be common to various CDMs that one might expect to live behind EME.
Therefore, it seems reasonable for EME itself to address the privacy
implications of such a probable characteristic of CDMs.
--
You are receiving this mail because:
You are the QA Contact for the bug.
Received on Monday, 18 February 2013 06:42:18 UTC