[Bug 26332] Applications should only use EME APIs on secure origins (e.g. HTTPS)

https://www.w3.org/Bugs/Public/show_bug.cgi?id=26332

--- Comment #38 from Joe Steele <steele@adobe.com> ---
Putting aside the dangers of CDMs running un-sandboxed code, I am not convinced
that this change would result in much better privacy. 

This would secure network communications against man-in-the-middle snooping at
the potential expense of usability on some browsers. But the information would
still be provided to the origin that requested it. 

From a practical point of view, getting you to visit my secure (but rogue)
domain is much easier than getting between you and a legitimate server (secure
or not). 

So if there were a "rogue" CDM that leaks an insecure permanent user identifier
-- it could still do that. 

I think having guidelines for what UAs should watch out for before agreeing to
include a potentially "rogue" CDM is a better approach.

Received on Tuesday, 19 August 2014 22:03:12 UTC