- From: Mark Watson <watsonm@netflix.com>
- Date: Tue, 28 Oct 2014 14:12:28 -0700
- To: David Dorwin <ddorwin@google.com>
- Cc: Henri Sivonen <hsivonen@hsivonen.fi>, Joe Steele <steele@adobe.com>, "<public-html-media@w3.org>" <public-html-media@w3.org>
- Message-ID: <CAEnTvdBNMuMMV6dp4gdh95YbipcmqxaqcbdFPQcYcO_yQzrEUw@mail.gmail.com>
On Tue, Oct 28, 2014 at 1:59 PM, David Dorwin <ddorwin@google.com> wrote: > Thank you for the detailed reply. I think it would make a good addition to > the privacy considerations section and/or the resolution of, for example, > https://www.w3.org/Bugs/Public/show_bug.cgi?id=27166. > > On Mon, Oct 27, 2014 at 7:24 AM, Henri Sivonen <hsivonen@hsivonen.fi> > wrote: > > >> (While I don't have a problem with explaining the privacy measures we >> are putting in place in Firefox, I find this level of vetting for a >> new enum item rather surprising. Have spec edit requests catering to >> Microsoft's needs been vetted on this level of detail by this Task >> Force? Where can I read a similar vetting of the privacy properties of >> Microsoft's solution? Or Apple's in response to the initData changes >> that catered, in practice, only to Apple?) > > > Please don't take it personally - I'm just trying to make sure we have a > good handle on the issues. Also, individualization hasn't really been > discussed before. Unfortunately, some participants have made it nearly > impossible to change or remove things - even unintentional oversights - > from this spec, even for security, privacy, and interoperability reasons. > Sometimes, what might have been an unintentional oversights on your part, might have been a vital feature for someone else. It *should* be difficult to change something which is a vital feature for some participants. At least it should be difficult to change it in advance of properly understanding and otherwise providing for the feature. ...Mark > With such a privacy-sensitive topic, I want to make sure we have > appropriate text. > > Other vendors' solutions have not required API changes to the spec. While > we aren't specifically vetting implementations, some of us are actively > trying to understand and mitigate or restrict undesirable privacy and > security properties traditionally associated with DRM. I don't know what > initData changes you are referring to. Can you be more specific? > > David > >
Received on Tuesday, 28 October 2014 21:12:56 UTC