[Bug 26332] Applications should only use EME APIs on secure origins (e.g. HTTPS) from bugzilla@jessica.w3.org on 2014-07-19 (public-html-bugzilla@w3.org from July 2014)

From: <bugzilla@jessica.w3.org>
Date: Sat, 19 Jul 2014 01:25:19 +0000
To: public-html-bugzilla@w3.org
Message-ID: <bug-26332-2486-kQw70mJvz0@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=26332

--- Comment #5 from David Dorwin <ddorwin@google.com> ---
https://dvcs.w3.org/hg/html-media/rev/e68902b0f30d adds secure origin and
transport to the Security Considerations and Privacy Considerations sections,
including the answers in comment #4. It includes a new step specifying how to
fail when an origin is not allowed but does not normatively specify the
conditions, which remains to be discussed here.

https://dvcs.w3.org/hg/html-media/rev/7595e9457f23 adds text about secure
origins to the Privacy Considerations section on alerts and consent.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.

Received on Saturday, 19 July 2014 01:25:21 UTC