- From: <bugzilla@jessica.w3.org>
- Date: Fri, 24 Oct 2014 23:45:49 +0000
- To: public-html-bugzilla@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=27168 Bug ID: 27168 Summary: Individualization text is overbroad and should be more specific Product: HTML WG Version: unspecified Hardware: PC OS: All Status: NEW Severity: normal Priority: P2 Component: Encrypted Media Extensions Assignee: adrianba@microsoft.com Reporter: steele@adobe.com QA Contact: public-html-bugzilla@w3.org CC: mike@w3.org, public-html-media@w3.org Section 9.4 contains the following text: "Such implementations should not use identifiers for a device or user of a device in the individualization process." This is too broad. I proposed instead the following: "Such implementations should not directly provide identifiers for a device or user of a device in any messages sent during the individualization process." This allows for implementations which generate unique identifiers not directly associable with the device or user by digesting a mixture of device identifiers. These identifiers can have the security property that two different devices are unlikely to generate the same identifier, but also have the privacy property that it is very difficult to match an identifier to a user+device. -- You are receiving this mail because: You are the QA Contact for the bug.
Received on Friday, 24 October 2014 23:45:50 UTC