[Bug 25536] New: Make persisted session removal more explicit from bugzilla@jessica.w3.org on 2014-05-02 (public-html-media@w3.org from May 2014)

From: <bugzilla@jessica.w3.org>
Date: Fri, 02 May 2014 19:56:49 +0000
To: public-html-media@w3.org
Message-ID: <bug-25536-5436@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=25536

            Bug ID: 25536
           Summary: Make persisted session removal more explicit
           Product: HTML WG
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P3
         Component: Encrypted Media Extensions
          Assignee: ddorwin@google.com
          Reporter: ddorwin@google.com
        QA Contact: public-html-bugzilla@w3.org
                CC: mike@w3.org, public-html-media@w3.org

The name release() was intended to be ambiguous [1] along with the close event,
but the ambiguity is problematic for applications. There was always the problem
that an application could not call release() to indicate it no longer needed a
key now without always destroying it. In the current stored license example
[2], we can also see that the ambiguity makes it impossible for the application
to know whether a session has really been removed (or just closed by the CDM
for other reasons).

I propose a simple change that removes the ambiguity and returns release() and
close to a single consistent meaning.

* Add a new method to MediaKeySession: Promise<any> remove();
  - Called to remove persisted session data.
  - The returned promise is resolved only after the CDM has destroyed the
session data, including the session ID, including after potential message
exchange.
  - For sessions without persisted session data, reject the promise with
"InvalidAccessError".
* release() now always means the app is done with the session so the CDM can
close it. (It does *not* destroy persisted session data.)
* The close "event" is fired when the session is no longer used by the CDM. It
should also be fired at some TBD point during the remove() process.

Given the new behaviors, it may also make sense to rename release() - possibly
to close(). Then we'd need to rename the "close" attribute to "closed" or
something else. (The name "close" was selected because it is consistent with
other events; since it is now a promise, maybe this is less important.)
Suggestions?

[1] https://www.w3.org/Bugs/Public/show_bug.cgi?id=17750#c16
[2]
https://dvcs.w3.org/hg/html-media/raw-file/97f675a78a34/encrypted-media/encrypted-media.html#example-stored-license

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Received on Friday, 2 May 2014 19:56:50 UTC