- From: <bugzilla@jessica.w3.org>
- Date: Wed, 22 Oct 2014 07:05:41 +0000
- To: public-html-bugzilla@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=27124 Bug ID: 27124 Summary: Add "individualizationrequest" to the MediaKeyMessageType enum Product: HTML WG Version: unspecified Hardware: All URL: http://lists.w3.org/Archives/Public/public-html-media/ 2014Oct/0006.html OS: All Status: NEW Severity: normal Priority: P2 Component: Encrypted Media Extensions Assignee: adrianba@microsoft.com Reporter: hsivonen@hsivonen.fi QA Contact: public-html-bugzilla@w3.org CC: mike@w3.org, public-html-media@w3.org The spec currently says: "Application- and origin-independent messages related to per-client initialization (or reinitialization) that are sent to a fixed non-application-dependent URL MUST be handled by the user agent and MUST NOT be passed to the application via the APIs." I think this is inappropriate. As far as I am aware, no rationale has been given for the above-quoted design restriction. As described in http://lists.w3.org/Archives/Public/public-html-media/2014Oct/0006.html , it's a totally reasonable design that individualization (is there "initialization" of another kind?) requests are made as EME messages and either the JS app knows how to route these to a different server than the license requests or the license server knows how to proxy these to an individualization server. I request that 1) The above-quoted sentence be edited to say that individualization MAY be handled by the user agent without exposing the process to the application via EME or individualization MAY be performed via EME messages whose type is "individualizationrequest". 2) "individualizationrequest" be added to the MediaKeyMessageType enumeration. (I could live with the string "individualizationrequest" to be bikeshedded to the more generic "initializationrequest" if spec text explains that it is meant to cover individualization.) Please note that individualization could reasonably be origin-*dependent*. (This is desirable for privacy reasons to prevent cross-site correlation of individualized bits that the key system exposes.) Sure, it's possible to read the above-quoted sentence as not restricting origin-*dependent* individualization via EME messages, but I still request change #1 above. -- You are receiving this mail because: You are the QA Contact for the bug.
Received on Wednesday, 22 October 2014 07:05:43 UTC