15:02:58 RRSAgent has joined #html-media
15:02:58 logging to http://www.w3.org/2013/06/04-html-media-irc
15:03:00 RRSAgent, make logs public
15:03:00 Zakim has joined #html-media
15:03:02 Zakim, this will be 63342
15:03:02 ok, trackbot; I see HTML_WG()11:00AM scheduled to start 3 minutes ago
15:03:03 Meeting: HTML Media Task Force Teleconference
15:03:03 Date: 04 June 2013
15:03:25 BobLund has joined #html-media
15:04:46 pal has joined #html-media
15:04:48 adrianba has joined #html-media
15:04:53 chair: Paul Cotton
15:05:01 Zakim, who is here?
15:05:01 HTML_WG()11:00AM has not yet started, joesteele
15:05:02 On IRC I see adrianba, pal, BobLund, Zakim, RRSAgent, paulc, joesteele, ddorwin, davide, trackbot, wseltzer
15:05:14 zakim, start meeting
15:05:15 I don't understand 'start meeting', joesteele
15:05:30 rrsagent, generate minutes
15:05:30 I have made the request to generate http://www.w3.org/2013/06/04-html-media-minutes.html paulc
15:05:39 scribe: joesteele
15:05:39 zakim, this is html_wg
15:05:39 ok, adrianba; that matches HTML_WG()11:00AM
15:05:45 +pal
15:05:55 Zakim, who is here?
15:05:55 On the phone I see +1.425.269.aaaa, [Adobe], davide, ddorwin, [Microsoft], pladd, pal
15:05:57 On IRC I see adrianba, pal, BobLund, Zakim, RRSAgent, paulc, joesteele, ddorwin, davide, trackbot, wseltzer
15:06:05 rrsagent, generate minutes
15:06:05 I have made the request to generate http://www.w3.org/2013/06/04-html-media-minutes.html joesteele
15:06:05 pladd has joined #html-media
15:06:05 +[Microsoft.a]
15:06:08 zakim, [Microsoft.a] is me
15:06:08 +adrianba; got it
15:06:17 zakim, [Microsoft] is me
15:06:17 +paulc; got it
15:06:20 Zakim, who is on the phone?
15:06:20 On the phone I see +1.425.269.aaaa, [Adobe], davide, ddorwin, paulc, pladd, pal, adrianba
15:06:47 Topic: Agenda
15:06:48 +BobLund
15:06:57 http://lists.w3.org/Archives/Public/public-html-media/2013Jun/0010.html
15:07:03 Zakim, [Adobe] is me
15:07:03 +joesteele; got it
15:07:20 Topic: Previous minutes
15:07:28 http://www.w3.org/2013/05/21-html-media-minutes.html
15:07:41 paulc: discussed EME at the May 21st mtg
15:07:52 ... lots of action items
15:08:00 Topic: Action items and issues
15:08:40 ISSUE-1: Consider moving the Clear Key definition into a separate specification
15:08:40 Notes added to ISSUE-1 Consider moving the Clear Key definition into a separate specification.
15:08:42 ... listed as if dealing with individual bugs -- most of them are
15:08:44 q+
15:08:53 Still outstanding today - will be worked on in the future.
15:09:08 Topic: Eme status and bugs
15:09:16 s/Eme status/EME status/
15:09:24 paulc: last updated May 28th
15:09:30 Status update: http://lists.w3.org/Archives/Public/public-html-media/2013May/0125.html
15:09:35 ... Davids email explaining that update is above
15:09:48 ... several actions and editorials in there
15:09:58 Topic: Outstanding bugs
15:10:01 http://tinyurl.com/7tfambo
15:10:19 ... count was 23
15:10:36 paulc: now 22 -- one has been dealt with
15:11:18 paulc: rest of agenda is actions
15:11:26 ... believe others are done
15:11:34 ... let's step through the agenda
15:11:42 Topic: AGENDA-12
15:11:53 ACTION-12?
15:11:53 ACTION-12 -- Mark Watson to add text to Editor's Draft for bug 21155 -- due 2013-05-28 -- OPEN
15:11:53 http://www.w3.org/html/wg/media/track/actions/12
15:11:58 s/AGENDA-12/ACTION-12/
15:12:04 +[Microsoft]
15:12:07 - +1.425.269.aaaa
15:12:08 http://lists.w3.org/Archives/Public/public-html-media/2013May/0126.html
15:12:15 paulc: for Mark -- is Mark here?
15:12:22 ... don't believe so
15:12:46 johnsim has joined #html-media
15:12:53 ... (reading Marks update to the bug)
15:13:00 ... has anyone looked at the bug?
15:13:33 ddorwin: read it and no coments
15:13:40 s/coments/comments/
15:13:45 bug: 21155
15:14:00 paulc: resolved as fixed
15:14:21 + +1.714.338.aabb
15:14:22 Topic: ACTION-10
15:14:28 ACTION-10?
15:14:28 ACTION-10 -- Adrian Bateman to discuss bug 21855 with johnsim -- due 2013-04-22 -- OPEN
15:14:28 http://www.w3.org/html/wg/media/track/actions/10
15:14:48 paulc: still open -- our oldest action
15:15:17 adrianba: we met and went through all the actions and outstanding bugs. should have something on the list in the next day or so
15:15:29 ACTION-10 is due on Jun 11
15:15:48 ACTION-10: due jun 11
15:15:48 Notes added to ACTION-10 Discuss bug 21855 with johnsim.
15:15:52 paulc: moving the due date to June 11
15:16:07 ACTION-10 due jun 11
15:16:07 Set ACTION-10 Discuss bug 21855 with johnsim due date to jun 11.
15:16:11 paulc: anticipating we will have the same with some other items
15:16:14 ACTION-13?
15:16:14 ACTION-13 -- Adrian Bateman to review comments and add text to editor's draft for bug 19009 -- due 2013-05-28 -- OPEN
15:16:14 http://www.w3.org/html/wg/media/track/actions/13
15:16:41 paulc: can you confirm you want a due date of next week for these?
15:16:58 ACTION-13 due jun 11
15:16:59 Set ACTION-13 Review comments and add text to editor's draft for bug 19009 due date to jun 11.
15:17:15 ACTION-15?
15:17:15 ACTION-15 -- Adrian Bateman to add text based on henri's comment to the spec for bug 21203 -- due 2013-05-28 -- PENDINGREVIEW
15:17:15 http://www.w3.org/html/wg/media/track/actions/15
15:17:35 adrianba: this is pending review -- made changes based on Henris proposal
15:18:10 ... means that if the media data is not coming from CORS same origin or with appropriate -- needKey won't fire and instead get error
15:18:19 ... bug was resolved as fixed
15:18:46 ... please read through and make sense
15:18:55 ACTION-17?
15:18:56 ACTION-17 -- Adrian Bateman to provide feedback on keySystem string bugs 16540 and 20798 -- due 2013-05-28 -- OPEN
15:18:56 http://www.w3.org/html/wg/media/track/actions/17
15:19:09 s/make sense/see if makes sense/
15:19:30 ACTION-17 due on june 11th
15:19:30 Set ACTION-17 Provide feedback on keySystem string bugs 16540 and 20798 due date to on june 11th.
15:19:43 ACTION-19?
15:19:43 ACTION-19 -- John Simmons to will work with adrianba and jdsmith to make a proposal for bug 21854 -- due 2013-06-04 -- OPEN
15:19:43 http://www.w3.org/html/wg/media/track/actions/19
15:19:57 paulc: due date to set out?
15:20:26 ... this is for john
15:20:52 johnsim: these are all related to life cycle of sessions
15:20:54 ACTION-19 due on june 11th
15:20:54 Set ACTION-19 Will work with adrianba and jdsmith to make a proposal for bug 21854 due date to on june 11th.
15:21:16 paulc: other bugs for discussion -- there are 22 other bugs
15:21:35 ... went from recent to older last time
15:21:56 ... where do we go today?
15:22:27 I nominate 21869 for discussion
15:23:30 my main concern in this thrad is about keys
15:23:39 q?
15:24:09 johnsim: I feel that what a key system is doing is out of scope of EME -- spec is specifying events and methods
15:24:37 ... in the CDM under the hood whether it stores keys or not does not seem to be something we want to spec
15:25:20 ... that said there is the issue of when a CDM has a key that fulfills initialization data that does affect the flow
15:25:34 ... that is a cirucumstance we need to know whether to acocomodate
15:25:38 q+
15:25:58 ... MarkW has stated in some cases he does not want the stored key to be used
15:26:07 ... might need a way to indicated this from the applicaiton
15:26:28 ... but don't think EME should say one way or the other whether EME should store keys
15:26:38 q-
15:26:38 ack adrianba
15:26:43 ack me
15:27:02 johnsim_ has joined #html-media
15:27:02 paulc_ has joined #html-media
15:27:34 q+
15:28:15 q+
15:28:21 ack adrian
15:28:41 adrianba: think this falls into the privacy bug we have open -- called out in the document
15:28:58 ... storage is within the scope of the CDM
15:29:27 ... point Henri is making is that can't use this storage for tracking across sites -- CORS does not completely address
15:29:53 ... want to make sure can't use data storage of a CDM as third party cookies storage when cookies are disabled
15:30:12 ... will be guidance we need to add to the spec to draw out this privacy concern
15:30:30 ... talke about the mitigiations CDMs should make as well
15:30:43 paulc: proposing to add more material to the docs?
15:30:51 adrianba: yes and there is a bug for that
15:30:51 We should add this item to the privacy bug and add something like "UAs should ensure any CDM storage respects origin, etc."
15:30:51 ack dd
15:31:13 ddorwin: concur with adrian that we should add the privacy bits to the doc
15:31:17 I think it's preferable not to have the CDM store data, whether it be keys, key releases, or something else. It adds a lot of complexity, especially when trying to respect privacy, origin, etc.
15:31:38 -> https://www.w3.org/Bugs/Public/show_bug.cgi?id=20965 Privacy Concern Bug
15:31:43 ... trying to do what is in the privacy bug adds complexity.
15:31:44 q+
15:31:49 Are there use cases where having the _app_ store the (encrypted) key. Browsers will have a much better chance of providing the appropriate controls and expected behaviors if storage is handled by the application using existing APIs.
15:32:40 ack joe
15:34:07 q+
15:34:25 ack dd
15:34:56 q+
15:35:13 ddorwin: not saying that the CDM could not store data -- but app could cache it
15:35:28 ack john
15:35:32 johnsim: are yo uarguing that key systems should not be allowed to store keys?
15:35:47 ddorwin: I would prefer, but might not be enforceable
15:36:19 johnsim: we have multiple existing DRM systems and want to take that functionality and move to the browser model
15:36:36 ... if we don't support things like stored keys we are breaking a large number of existing DRMs
15:36:53 ... seems like an undesirable thing
15:37:17 ddorwin: would like to solve this in a web-compatible way
15:37:23 ... might not always be possible
15:37:40 q+
15:37:51 paulc: dumb question -- we have said CDM is out of scope -- why would we say anything about the CDM?
15:37:51 ack adr
15:38:01 adrianba: we have to say something about CDMs
15:38:22 ... goal is to provide an abstract model for interaction with CDMs - but CDMs are required to provide some common functionality
15:38:28 ... so we can interact with the API
15:38:49 ... the way that it is implemented is conformant to that conceptual model
15:39:14 ... but we do define certain restrictions, need to give guidance and explanation of the reason behind the guidance
15:39:39 ... in the past specs have not done a good job of explaining the rationale here
15:40:04 ... we are not saying you can't do anything else, but providing guidance
15:40:17 paulc: do you believe we have adequate bugs to drive this new content to be added?
15:40:32 adrianba: think the answer is yes -- but in the context of this bug
15:40:49 https://www.w3.org/Bugs/Public/show_bug.cgi?id=21869
15:40:57 ... for this bug the answer is we don't need to say anything additional beyond general privacy mitigiations
15:41:07 ... everything else is out of scope
15:41:27 johnsim: think Adrian said it well, we do have to say some things abou twhat the CDM does
15:41:43 ... when the CDM is doing something that matters to the application it should be speciifed
15:41:53 ... everything else is out of scope
15:42:03 ... question is whether we have identified everything that matters
15:43:18 q+
15:43:31 ack dd
15:43:36 q+
15:44:54 +q
15:47:01 I am ok with the privacy text solution. However if there is a desire within the group to not allow the CDM to store data directly, and instead force the app to do that work
15:47:54 ... then additional APIs to allow the CDM to commnicate which key message should be retained back to the applicaiton. This is a failrly common use case and one I think we should support without requiring lots of additinal works from the app builder.
15:48:17 ack pal
15:48:43 pal: my read is that the CDM is completely opaque -- needs a key and returns the key into the CDM (from the app)
15:48:50 ... are we suggesting that this will change?
15:48:52 ddorwin has joined #html-media
15:49:17 ack john
15:49:23 pal: if we are changing the basic assumptions that would be big
15:50:03 johnsim: I don't think that solutions where the application has to be cognicent of key acqusition systems is a good thing. I think all key systems in use today have the ability to cache keys.
15:50:22 ... the issue is whether the applicaiton allows the CDM to use a cached key as opposed to making a key request
15:50:49 ... if the application could say this in a way that is CDM independent -- that is a requirement from MarkW
15:51:12 ... definitely use case where we want the cached key to be used
15:51:30 ... not just for performance, but restarting playback, etc.
15:51:51 ... just need the assertion about whether a stored key can be used
15:52:01 pal: what does cached key mean in this context?
15:52:16 ... in particular does it mean pre-provisioned keys
15:52:20 ... ?
15:52:34 johnsim: those are not DRM keys
15:53:05 ... there are two different bugs here -- the privacy, trackability issues exist regardless of whether we allow keys to be cached
15:53:30 ... we are also trying to create a set of methods and events inside the browser allowing existing types if apps to use the browser without a lot of changes
15:54:00 ... if we disable that, we will hurt the effort. My opinion is that we should support cached keys in a way that is not "key system aware"
15:54:00 q+
15:54:05 adrianba_ has joined #html-media
15:54:10 ... We also need to respect the privacy issues
15:54:20 pal: spec as currently written does not prevent this right?
15:54:23 johnsim: yes
15:54:43 ... however if it does cache a key does it fire a key message or not?
15:54:58 And where does it store that key
15:55:24 johnsim: there are cases where we want to force a key request but there is no mechanism today
15:55:43 paulc: are the use cases you described covered by other bugs?
15:55:46 johnsim: yes
15:56:00 paulc: 5 till -- what are the next steps?
15:56:17 Bug: https://www.w3.org/Bugs/Public/show_bug.cgi?id=21869
15:56:19 No one is throwing out the capability to cache keys. It's just a matter of who/what is caching them. In the spec, the application is in control of key exchange, error handling, etc. While DRM systems may have supported caching keys in the past, it was also responsible for key exchange and in some cases network, display, etc.
15:56:53 Can John add his specific use cases to this bug?
15:57:40 ddorwin: everyone is in agreement on the privacy issue
15:57:55 ... rest seems philosophical -- might not need to be addressed as a bug
15:58:01 Conclusions: deal with privacy items in bug https://www.w3.org/Bugs/Public/show_bug.cgi?id=20965 Privacy Concern Bug
15:58:39 ddorwin: just because existing key systems do things does not say CDM needs to do them
15:58:40 ack dd
15:59:03 Should we make 21869 depend on 20965, Resolved 21869 and then revisit 20965 to decide if it can be closed.
15:59:38 +1
15:59:53 -pladd
15:59:54 paulc: any objections?
16:00:02 No objections to paul's plan.
16:00:12 -pal
16:00:36 paulc: we have a bunch of items queued up -- we will have some progress on them. I could use help on determining which other bugs we should queue up in two weeks
16:00:44 ddorwin: still waiting on feedback for some
16:00:57 -BobLund
16:01:02 paulc: I will be in Alaska in two weeks so I won't be able to chair. Any volunteers?
16:01:14 ... will send a note to the editors
16:01:21 rrsagent, generate minutes
16:01:21 I have made the request to generate http://www.w3.org/2013/06/04-html-media-minutes.html paulc_
16:01:33 paulc: Thanks everyone
16:01:34 -adrianba
16:01:35 -[Microsoft]
16:01:37 -davide
16:01:39 -paulc
16:01:40