This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 17203 - Should session ID be required?
Summary: Should session ID be required?
Alias: None
Product: HTML WG
Classification: Unclassified
Component: Encrypted Media Extensions (show other bugs)
Version: unspecified
Hardware: All All
: P3 normal
Target Milestone: ---
Assignee: Adrian Bateman [MSFT]
QA Contact: HTML WG Bugzilla archive list
Depends on: 16613
Blocks: 16548
  Show dependency treegraph
Reported: 2012-05-25 23:40 UTC by David Dorwin
Modified: 2013-07-16 14:55 UTC (History)
5 users (show)

See Also:


Description David Dorwin 2012-05-25 23:40:18 UTC
Session ID is currently optional in all cases. Should we require it to always be implemented? The main advantage is more consistency for applications, and it seems pretty easy to implement something (i.e. incrementing counter). Are there reasons that a user agent/CDM would not want to implement an ID?

Bug 16613 proposes representing sessions as objects, which could reduce the number of sessionId parameters and attributes. The ID would likely still need to be exposed somehow, meaning this question would still need to be answered.

Bug 16739 relates to the format of Session ID.
Comment 1 David Dorwin 2012-08-17 06:19:45 UTC
With the object-oriented API (bug 16613), the application does not need to use or pass in a session ID if it does not want use it. The CDM must simply create an ID when the session is created. This seems like a minimal burden on CDM implementors while ensuring consistency in implementations.
Comment 2 Adrian Bateman [MSFT] 2012-08-28 21:25:40 UTC
Agreed. We will make session ID be mandatory (for CDMs that don't already support session ID this adds the requirement, say, for an incrementing integer). Assigned to Adrian.
Comment 3 David Dorwin 2012-12-11 16:59:41 UTC
This decision is pending a decision on key release (bug 17199).
Comment 4 David Dorwin 2013-07-02 15:28:08 UTC
My above comment (#3) may have been related to the degree of uniqueness, but as discussed in the July 2nd telecon, we can make session ID mandatory as described in Comments #1 and #2.
Comment 5 Adrian Bateman [MSFT] 2013-07-16 14:55:51 UTC
Changeset ->