Re: [mixed-content] DASH Players and Mixed Content

+Ryan

On Tue, Jul 21, 2015 at 6:11 PM, Brad Hill <hillbrad@gmail.com> wrote:

> There was a proposal of this sort (not a blanket exception, but a safer
> way to allow for video-over-HTTP to HTTPS pages) by Ryan Sleevi, the start
> of the thread can be found here:
>
> https://lists.w3.org/Archives/Public/public-webappsec/2015Feb/0371.html
>
> We discussed this last week at our face-to-face in Berlin, and the feel of
> the room seemed to be that the proposal was technically sound, we weren't
> sure who exactly the customers of it would be.  I think Ryan had Netflix in
> mind given their previous reluctance to move to TLS for delivery, but with
> that resolved, nobody has publicly stepped up as wanting to adopt such a
> solution.  Our informal rule of thumb in this group is that we've wanted
> expressions of interest from two "customers" of a feature before we start
> working on something.
>
> Ben, do you maintain a player like this, or know someone who does, who
> would be willing to examine and comment on Ryan's proposal?
>
> thanks,
>
> Brad Hill
>
> On Tue, Jul 21, 2015 at 1:45 AM Ben Gidley <ben@gidley.co.uk> wrote:
>
>> I'd like to ask if you've considered how this proposal effects MPEG-DASH
>> players using Media Source Extensions?
>>
>> I've been using DASH players and they generally all break with today's
>> behavior on Chrome/Firefox is you're using a HTTPS page with a HTTP CDN for
>> the video content. This is because they mostly fetch content via XHR for
>> processing in their media source extension.
>>
>> It's not very desirable to push all video over SSL (as it breaks in
>> network caching commonly deployed by Telco's/ISP's) - is it possible to
>> consider a scheme to allow a media source extension to tech video?
>>
>>
>>
>> --
>> Ben Gidley
>>
>> www.gidley.co.uk
>> ben@gidley.co.uk
>>
>

Received on Tuesday, 21 July 2015 16:18:55 UTC