This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.
The type and initData parameters to createSession() are optional [1]. The Clear Key section [2] says what initData should be but not whether it is required. This section should explicitly state that it is required or optional. While there is no real reason to require it, it may make implementations easier if they can just return an error immediately rather than having to implement handle the case where initData is not provided. In addition, Clear Key is unlikely to be used in scenarios where initData may not be desired. The only real use case would seem to be to create a session without any knowledge of the media and then immediately call addKey() with a key, possibly without contacting a server. See also bug 19810, which proposes requiring key IDs, which are related to initData, in the licenses provided to addKey(). To be most compatible, maybe the text should say initData is required for containers that support it. [1] http://dvcs.w3.org/hg/html-media/raw-file/tip/encrypted-media/encrypted-media.html#dom-createsession [2] http://dvcs.w3.org/hg/html-media/raw-file/tip/encrypted-media/encrypted-media.html#simple-decryption-clear-key
As agreed in the the February 5th telecon, initData will be required for Clear Key.
This is moot if we decide that initData is always required (issue 20691).
Bug 20691 was resolved by making both createSession() parameters required. Thus, this is no longer an issue.