W3C home > Mailing lists > Public > public-w3process@w3.org > November 2014

Re: Require security review before FPWD

From: Sam Ruby <rubys@intertwingly.net>
Date: Mon, 03 Nov 2014 08:07:08 -0500
Message-ID: <54577DFC.7070608@intertwingly.net>
To: public-w3process@w3.org

On 11/03/2014 07:33 AM, Anne van Kesteren wrote:
> On Mon, Nov 3, 2014 at 1:10 PM, David Singer <singer@apple.com>
> wrote:
>> Since I have no idea how we got from ‘when is it required that an
>> XXX review be done?’ to ‘has the W3C endorsed DRM?’ I can only
>> conclude that we’re seriously at cross purposes.
> I brought up EME as an example of where vendors implemented and
> shipped something that is bad for security and privacy. Reviewers
> are at a loss. You said vendors should follow the W3C. I argued that
> such an argument did not apply here as the W3C has not made up its
> made mind (or so claims the leadership).

Having recently been at a F2F with those vendors, I can confidently
state that a security review prior to FPWD would not have changed vendor
behavior.  In fact, I see a lot of parallel to the <video> tag[1].  That
being said, discussion is ongoing, and I encourage readers to consult
the following:



- Sam Ruby

Received on Monday, 3 November 2014 13:07:35 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:51:22 UTC