W3C home > Mailing lists > Public > public-webappsec@w3.org > December 2016

Security review of the Remote Playback API?

From: Francois Daoust <fd@w3.org>
Date: Thu, 1 Dec 2016 12:32:11 +0100
To: <public-webappsec@w3.org>, <public-web-security@w3.org>
Cc: <avayvod@google.com>, <mlamouri@google.com>, "'Kostiainen, Anssi'" <anssi.kostiainen@intel.com>
Message-ID: <00e801d24bc6$8fba1330$af2e3990$@w3.org>
Hello Web App Security WG, Web Security IG,

The Second Screen WG would like to request a security review of the Remote Playback API:

  http://w3c.github.io/remote-playback/

Results of self-evaluating privacy and security are available in:

  https://github.com/w3c/remote-playback/issues/67

Feel free to re-open and add comments to that issue and/or to create new ones on GitHub as needed.

The Remote Playback AP reuses the same concepts as the Presentation API. The Second Screen WG is still working on technical details of the API but considers the API surface to be stable. The Editor's Draft now contains a security and privacy section:
https://w3c.github.io/remote-playback/#security-and-privacy-considerations

We would appreciate if you could complete the review by January 16th 2017, but let us know if that's too short a schedule.

Thanks,
Francois, staff contact for the Second Screen WG
Received on Thursday, 1 December 2016 11:32:42 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:21 UTC