27165 – User agents should warn users if they bring along unclearable identifiers

This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 27165 - User agents should warn users if they bring along unclearable identifiers

Summary: User agents should warn users if they bring along unclearable identifiers

Status:	RESOLVED FIXED

Alias:	None

Product:	HTML WG
Classification:	Unclassified
Component:	Encrypted Media Extensions (show other bugs)
Version:	unspecified
Hardware:	PC Windows NT

Importance:	P2 normal
Target Milestone:	---
Assignee:	David Dorwin
QA Contact:	HTML WG Bugzilla archive list

URL:
Whiteboard:	Privacy, TAG
Keywords:

Depends on:
Blocks:

Reported:	2014-10-24 21:38 UTC by Domenic Denicola
Modified:	2014-12-09 00:35 UTC (History)
CC List:	3 users (show)

See Also:

Attachments

Description Domenic Denicola 2014-10-24 21:38:57 UTC

As discussed in http://lists.w3.org/Archives/Public/www-tag/2014Oct/0106.html, some DRM implementations---for Silverlight, at least---bring along semi-permanent client IDs.
 
We should consider requiring or strongly recommending that user agents prompt or inform the user if an EME implementation brings along identifiers that cannot be cleared along with regular cookies and site data (similar to Mark’s “more privacy sensitive than regular cookies” bar).

I will file a separate bug exploring whether we can require that such identifiers be clearable, but we can use this bug to discuss mitigation strategies if they must be unclearable for robustness reasons.

Comment 1 David Dorwin 2014-12-09 00:35:00 UTC

Implemented in https://github.com/w3c/encrypted-media/commit/3ead3c182ac6cd75a0ab77e2bcb957c09cdea006

Note: The separate bug referenced in comment #0 is bug 27166.