27165 2014-10-24 21:38:57 +0000 User agents should warn users if they bring along unclearable identifiers 2014-12-09 00:35:00 +0000 1 1 1 Unclassified HTML WG Encrypted Media Extensions unspecified PC Windows NT RESOLVED FIXED Privacy, TAG P2 normal --- 1 d ddorwin ddorwin mike public-html-media public-html-bugzilla oldest_to_newest 113736 0 d 2014-10-24 21:38:57 +0000 As discussed in http://lists.w3.org/Archives/Public/www-tag/2014Oct/0106.html, some DRM implementations---for Silverlight, at least---bring along semi-permanent client IDs. We should consider requiring or strongly recommending that user agents prompt or inform the user if an EME implementation brings along identifiers that cannot be cleared along with regular cookies and site data (similar to Mark’s “more privacy sensitive than regular cookies” bar). I will file a separate bug exploring whether we can require that such identifiers be clearable, but we can use this bug to discuss mitigation strategies if they must be unclearable for robustness reasons. 116033 1 ddorwin 2014-12-09 00:35:00 +0000 Implemented in https://github.com/w3c/encrypted-media/commit/3ead3c182ac6cd75a0ab77e2bcb957c09cdea006 Note: The separate bug referenced in comment #0 is bug 27166.