[Bug 19785] New: Clarification on key storage

https://www.w3.org/Bugs/Public/show_bug.cgi?id=19785

          Priority: P2
            Bug ID: 19785
                CC: mike@w3.org, public-html-media@w3.org
          Assignee: adrianba@microsoft.com
           Summary: Clarification on key storage
        QA Contact: public-html-bugzilla@w3.org
          Severity: normal
    Classification: Unclassified
                OS: All
          Reporter: steele@adobe.com
          Hardware: All
            Status: NEW
           Version: unspecified
         Component: Encrypted Media Extensions
           Product: HTML WG

There is some discussion on this email thread
(http://lists.w3.org/Archives/Public/public-html-media/2012Oct/0066.html) about
when keys are cleared. After re-reading the spec it does not appear clear that
keys or licenses can be retained in a persistent cache by the CDM between
sessions. 

I don't believe the intent of the spec is to prevent the CDM from retaining
keys or licenses across sessions, but I think that needs to be spelled out in
the spec a little more explicitly. Specifically I think this section
(http://dvcs.w3.org/hg/html-media/raw-file/tip/encrypted-media/encrypted-media.html#dom-close)
needs to be clarified to say that only keys which are not intended to be
retained across sessions should be cleared.

It might be useful to add a definition of transient keys versus persistent keys
and use that as a reference point where key caching is discussed in the spec as
well.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Received on Tuesday, 30 October 2012 16:23:28 UTC