[Bug 26332] Applications should only use EME APIs on secure origins (e.g. HTTPS)

https://www.w3.org/Bugs/Public/show_bug.cgi?id=26332

--- Comment #115 from Glenn Adams <glenn@skynav.com> ---
(In reply to Ryan Sleevi from comment #114)
> There is clearly a shared sentiment by the W3C TAG, extensive contributions
> from the community, and from UAs that there exist real and meaningful
> privacy concerns. Comment #48 and Comment #70 collect just a small fraction
> of these concerns. So yes, these are concerns that MUST be addressed if this
> spec is to progress.

It is up to the WG to decide "what" must be addressed, and "how" a concern is
addressed. It is not a requirement that every concern be resolved. An
acceptable resolution the WG may conclude could be WONTFIX or LATER.

Simply because it is a sentiment of the TAG does not require that the WG
concur.

> However, there's clear consensus that "doing nothing" is not acceptable..

Since there has been no CfC to the TF or WG on this point, then it is premature
to suggest what is acceptable or not.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.

Received on Monday, 27 October 2014 19:46:18 UTC