- From: <bugzilla@jessica.w3.org>
- Date: Thu, 30 Oct 2014 17:07:48 +0000
- To: public-html-bugzilla@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=26332 --- Comment #128 from David Dorwin <ddorwin@google.com> --- (In reply to Anne from comment #125) > Here's a proposal. Thanks for makig a proposal! > > 1) We work out how to make non-TLS EME as good as possible for end users and > if UAs opt to support non-TLS (as everyone does at this point) they steer > towards implementing those requirements. > > 2) We deprecate non-TLS EME in the specification and recommend against > supporting it. > > 3) We set a date one or two years from now at a point when at least two UAs > are willing to disable non-TLS EME. > > 4) We advertize this date through console warnings, evangelism, and perhaps > even the specification. > > This plan is similar to what has been proposed for WebRTC and geolocation > and seems reasonable given existing non-TLS deployment. I like this proposal in general. It gives content providers time to adapt, includes a normative requirement, informs authors about the upcoming change, and (somewhat) addresses the competitive disadvantage concern. > (We also make sure to not fall in this non-TLS trap again for new APIs.) Agreed. Maybe evaluating whether TLS is required should be added to the FPWD process. -- You are receiving this mail because: You are the QA Contact for the bug.
Received on Thursday, 30 October 2014 17:07:50 UTC