You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: security-privacy-questionnaire.md
+7-5Lines changed: 7 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,9 +6,9 @@ Questionnare: https://w3ctag.github.io/security-questionnaire/ (as at 24 May 202
6
6
7
7
**Handling hardware context reset:** Information about certain device state changes will be exposed indirectly to Web sites, e.g. session closed due to "hardware context reset", which could be caused by using setting the device to sleep/resume, or switching monitors. Sites will not be able to know the exact reason. This exposure is necessary for sites to provide the best user experience.
8
8
9
-
**Querying encryption scheme support:**TODO
9
+
**Querying encryption scheme support:**The API exposes whether the implementation supports CENC or CBCS encryption, or both. These two encryption schemes are incompatible, so the API allows websites to make intelligent choices about what content to serve to which user agents.
10
10
11
-
**HDCP policy detection:**TODO
11
+
**HDCP policy detection:**The API exposes whether a HDCP version is supported by the implementation. This allows websites to know before fetching content if HDCP (and what version) can be enforced, which allows them, for example, to start pre-fetching high resolution content rather than starting at a low resolution or waiting for the license exchange.
12
12
13
13
## 2.2 Do features in your specification expose the minimum amount of information necessary to implement the intended functionality?
14
14
@@ -52,11 +52,13 @@ Questionnare: https://w3ctag.github.io/security-questionnaire/ (as at 24 May 202
52
52
53
53
## 2.7 Does this specification allow an origin to send data to the underlying platform?
54
54
55
-
**Handling hardware context reset:** No.
55
+
EME allows an origin to send encrypted media to a platform-level content decryption module (CDM) for playback, as well as a browser-intermediated negotiation of license keys between the origin and the CDM.
56
56
57
-
**Querying encryption scheme support:** No.
57
+
**Handling hardware context reset:** No additional data beyond the above.
58
58
59
-
**HDCP policy detection:** No.
59
+
**Querying encryption scheme support:** No additional data beyond the above.
60
+
61
+
**HDCP policy detection:** No additional data beyond the above.
60
62
61
63
## 2.8 Do features in this specification enable access to device sensors?
0 commit comments