W3C home > Mailing lists > Public > public-secondscreen@w3.org > April 2015

Re: HbbTV 2.0 Specification Announcement

From: mark a. foltz <mfoltz@google.com>
Date: Fri, 24 Apr 2015 16:19:48 -0700
Message-ID: <CALgg+HFB3wjwMopU7LLzdfgaredmXiVkBSjRSwuLAp6ywOFZHQ@mail.gmail.com>
To: Francois Daoust <fd@w3.org>
Cc: Matt Hammond <Matt.Hammond@bbc.co.uk>, "public-secondscreen@w3.org" <public-secondscreen@w3.org>
On Fri, Apr 24, 2015 at 4:12 PM, mark a. foltz <mfoltz@google.com> wrote:

> Security for the messaging channel vs. the security status of the
> controlling and presenting origins is an interesting topic.  We've had some
> preliminary discussions in Chrome about this, but nothing firm enough to
> propose, so I'm glad to have an opportunity to discuss this in the group.
>
> On Mon, Apr 20, 2015 at 5:13 AM, Francois Daoust <fd@w3.org> wrote:
>
>> On 2015-04-17 17:42, Matt Hammond wrote:
>> [...]
>>
>>> Note that there may be ways for a user agent to establish a secure
>>>> communication channel with a device, for instance following a similar
>>>> mechanism to that described for the Named Web Sockets proposal [3].
>>>>
>>>
>>> Thanks for the reference, I'll read it properly, but after a first
>>> glance through, my initial question would be how to keep the password
>>> secret if (presumably) it would be provided by the HTML application?
>>>
>>
>> I do not know. I was more pointing at that mechanism as food for thought
>> :)
>>
>>
>>
>>>  I do not know how this could work for existing devices, though. Did I
>>>> miss something obvious? Is there a simple solution?
>>>>
>>>
>>>  I'll create an issue on GitHub to track this down otherwise. This is
>>>> not specific to HbbTV.
>>>
>>>
> I will do this now.
>

Filed https://github.com/w3c/presentation-api/issues/80

m.
Received on Friday, 24 April 2015 23:20:36 UTC

This archive was generated by hypermail 2.3.1 : Friday, 24 April 2015 23:20:37 UTC