[Bug 21869] Need clarity on stored keys for CDMs

https://www.w3.org/Bugs/Public/show_bug.cgi?id=21869

--- Comment #11 from Mark Watson <watsonm@netflix.com> ---
(In reply to comment #7)
> Compared to what I said above, David Dorwin had an even better idea
> according to the latest meeting minutes.
> (http://www.w3.org/2013/06/18-html-media-minutes.html#item03)
> 
> To expand:
> If you want data to stay around on the client side beyond having it in RAM,
> have the CDM pass an encrypted data packet to the JavaScript application,
> how the JavaScript application store the encrypted packet in IndexedDB and
> then next time have the JavaScript application take the encrypted packet
> from IndexedDB and push it back to the CDM. This way, the privacy controls
> that browsers need to provide for IndexedDB anyway would automatically apply
> to data that CDMs want to keep around.

This seems to place a bunch on complexity in the application and doesn't look
significantly simpler for the UA than having the UA implement the storage and
privacy handling of the of the encrypted blob internally.

I agree that our privacy considerations should properly address the question of
clearing of CDM-stored data.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.

Received on Tuesday, 16 July 2013 16:45:36 UTC