Re: Encrypting content stored on untrusted CDNs

On Tue, 28 Feb 2012 23:09:58 -0000, Ian Hickson <ian@hixie.ch> wrote:

>    navigator.addKeyForURL('http://cdn.example.net/video123', mykey);
>    myVideo.src = 'http://cdn.example.net/video123';
>    myVideo.autoplay = true;
>
> The scoping for such a feature would be hard to specify though.

How about defining a new scheme which includes the key in the URL?

Example modeled on "password" part of HTTP URLs:

     myVideo.src = 'http+aes://' + escape(mykey) +  
':@cdn.example.net/video123';

Although not so pretty, it would readily work in all places where URLs do,  
including HTML markup.

-- 
regards, Kornel Lesiński

Received on Wednesday, 29 February 2012 00:51:08 UTC