Security review of the Remote Playback API?

Hello Web App Security WG, Web Security IG,

The Second Screen WG would like to request a security review of the Remote Playback API:

  http://w3c.github.io/remote-playback/

Results of self-evaluating privacy and security are available in:

  https://github.com/w3c/remote-playback/issues/67

Feel free to re-open and add comments to that issue and/or to create new ones on GitHub as needed.

The Remote Playback AP reuses the same concepts as the Presentation API. The Second Screen WG is still working on technical details of the API but considers the API surface to be stable. The Editor's Draft now contains a security and privacy section:
https://w3c.github.io/remote-playback/#security-and-privacy-considerations

We would appreciate if you could complete the review by January 16th 2017, but let us know if that's too short a schedule.

Thanks,
Francois, staff contact for the Second Screen WG

Received on Thursday, 1 December 2016 11:32:42 UTC