Re: "Requirements for Powerful Features" strawman.

On Fri, Nov 21, 2014 at 8:12 AM, Mike West <> wrote:

> On Fri, Nov 21, 2014 at 4:47 PM, Mark Watson <> wrote:
>> The algorithm "May document use powerful features" pre-judges the kind of
>> questions I asked at the end of my mail below, whilst the discussions of
>> the definitions are still in progress (and particularly the definition of
>> "powerful features").
> Ah, you're talking about the algorithm names. Now I understand the
> concern, thank you for explaining. I've changed these in
> to "Is |document| a sufficiently secure context?" and "Is |environment
> settings object| a sufficiently secure context?" respectively.
>> I think it might be hard to come up with a universally agreed definition
>> of "Powerful features", so by decoupling things you have option (2) in the
>> meantime.
> I'm more optimistic on this point than you seem to be, but I totally agree
> with the thrust of the critique: the document currently separates the
> outline of "powerful features"[1] and the requirements for secure
> contexts[2] in a way that I hope now addresses your concerns.

​Yes, thank you.

One further comment on item (4) in [1]. Is exposing a temporary identifier
really a sufficient condition for "powerful" ? Wouldn't that catch
IndexedDB, since a site can clearly install a temporary identifier there ?
We're working on normative definitions in EME​, but I think there is only a
concern if an identifier is not easily clearable, is shared across origins
or actually encodes some information rather than being an opaque temporary
identifier. I think you should at least say "Some implementations of" EME,
since several UAs have worked / are working very hard to eliminate
problematic identifiers here.


> [1]:
> [2]:
> --
> Mike West <>
> Google+:, Twitter: @mikewest, Cell: +49 162 10 255 91
> Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
> Registergericht und -nummer: Hamburg, HRB 86891
> Sitz der Gesellschaft: Hamburg
> Geschäftsführer: Graham Law, Christine Elizabeth Flores
> (Sorry; I'm legally required to add this exciting detail to emails. Bleh.)

Received on Friday, 21 November 2014 16:29:12 UTC