- From: Mhyst <mhysterio@gmail.com>
- Date: Wed, 2 Oct 2013 17:21:50 +0200
- To: "public-html-media@w3.org" <public-html-media@w3.org>
Received on Wednesday, 2 October 2013 15:22:23 UTC
Hello, The main problem with EME is that CDM have little or no restrictions at all. That is too much power for the CDM developers and many people won't trust them. We've talked about the security and privacy risks it may convey. I think this is an obstacle in the path to advance EME. I propose a radical modification to EME including the controlled execution of the CDM. Sandboxing the execution of the CDM code, like SecurityManager class does for Java, will restrict the CDM to just decryption. The code can still be secret but not many people would complain. Sorry for my bad english. I'm sure someone can give much better explanation than I'm able to do. I hope we can work in a real solution without giving out users privacy and security. Cheers
Received on Wednesday, 2 October 2013 15:22:23 UTC