[Bug 26332] Applications should only use EME APIs on secure origins (e.g. HTTPS)

https://www.w3.org/Bugs/Public/show_bug.cgi?id=26332

--- Comment #40 from Mark Watson <watsonm@netflix.com> ---
(In reply to David Dorwin from comment #36)
> 
> 
> Much of the discussion has focused on identities, but there are other
> concerns as well. For example, DRM implementations, especially those
> provided by the platform, are often unsandboxed. This means that such CDMs
> could access anything on the system and they are particularly dangerous
> because they run outside the sandbox. Given these risks and the unique
> nature of EME/CDMs compared to other web APIs, it makes sense that such
> risks should be restricted to authenticated domains.

Why is a platform CDM API any different from any other platform API in this
respect?

> 
> Other potential mitigations to these risks (i.e. prompt the user) are also
> non-normative, so we cannot rely on those. Even if we made user prompts
> normative, the benefit is minimized if non-secure origins are supported (see
> [1] in comment #0).

There are many examples where UA implementors - and everyone else - agree that
a user prompt is necessary but no such prompt is normatively required by W3C
specifications. We don't generally specify such UI issues, but that does not
mean that we should behave as if they do not exist and adopt unnecessary
restrictions as a result.


Received on Tuesday, 19 August 2014 22:30:36 UTC