This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 27168 - Individualization text regarding device identifiers is overbroad and should be more specific
Summary: Individualization text regarding device identifiers is overbroad and should b...
Alias: None
Product: HTML WG
Classification: Unclassified
Component: Encrypted Media Extensions (show other bugs)
Version: unspecified
Hardware: PC All
: P2 normal
Target Milestone: ---
Assignee: Adrian Bateman [MSFT]
QA Contact: HTML WG Bugzilla archive list
Whiteboard: Privacy
Depends on:
Reported: 2014-10-24 23:45 UTC by Joe Steele
Modified: 2015-10-20 23:32 UTC (History)
3 users (show)

See Also:


Description Joe Steele 2014-10-24 23:45:49 UTC
Section 9.4 contains the following text:

"Such implementations should not use identifiers for a device or user of a device in the individualization process."

This is too broad. I proposed instead the following:
"Such implementations should not directly provide identifiers for a device or user of a device in any messages sent during the individualization process."

This allows for implementations which generate unique identifiers not directly associable with the device or user by digesting a mixture of device identifiers. These identifiers can have the security property that two different devices are unlikely to generate the same identifier, but also have the privacy property that it is very difficult to match an identifier to a user+device.
Comment 1 David Dorwin 2014-10-28 21:11:45 UTC
I'm fine with changing the text, but I think we should be more precise in what is and is not recommended. These sections contain recommendations for implementers, so we can be specific, aim high, and included the reasons and/or an analysis of such problems. Henri provides some relevant analysis in
Comment 2 David Dorwin 2015-10-20 00:26:51 UTC
Is this issue still relevant? Is there a specific suggestion addressing comment #1? If so, please open a GitHub issue. Either way, we should close this legacy bug.
Comment 3 Joe Steele 2015-10-20 06:11:07 UTC
Yes, this issue is still relevant. I would prefer not to be much more specific, since different implementations may use different types of identifiers. Any proprietary algorithms involved do not need to be made explicit. I can create a GitHub issue -- but it will basically just duplicate this information. Is that useful?
Comment 4 David Dorwin 2015-10-20 23:32:45 UTC
Migrated to