[Bug 25271] Key Session description of key usage is ambiguous from bugzilla@jessica.w3.org on 2014-04-07 (public-html-bugzilla@w3.org from April 2014)

From: <bugzilla@jessica.w3.org>
Date: Mon, 07 Apr 2014 16:01:20 +0000
To: public-html-bugzilla@w3.org
Message-ID: <bug-25271-2486-N9jgck19Rf@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=25271

--- Comment #2 from Joe Steele <steele@adobe.com> ---
It seems that the goal here is to prevent a malicious site from detecting key
usage by using a timing attack. If we make that goal explicit that also
resolves the ambiguity. 

What about this text?

"Other MediaKeys objects and media elements may not access the key session. An
application in one origin should not be able to detect the existence of keys in
another origin via timing."

This will allow for things like device specific keys in hardware.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.

Received on Monday, 7 April 2014 16:01:22 UTC