[EME] Explicitly disallow abuse of initData.
author David Dorwin <ddorwin@google.com>
Fri, 17 Oct 2014 10:23:02 -0700
changeset 476 e0734558b236
parent 475 d522bbc8f196
child 477 c61aba661aa6
encrypted-media/encrypted-media-respec.html
encrypted-media/encrypted-media.html
--- a/encrypted-media/encrypted-media-respec.html	Fri Oct 17 09:43:04 2014 -0700
+++ b/encrypted-media/encrypted-media-respec.html	Fri Oct 17 10:23:02 2014 -0700
@@ -253,6 +253,11 @@
             The Encrypted Media Extensions Stream Format and Initialization Data Format Registry [[EME-REGISTRY]]
             provides the mapping from initialization data type string to the specification for each format.
             </p>
+
+            <p>Initialization Data MUST be a fixed value for a given set of stream(s) or <a def-id="media-data"></a>.
+              It MUST only contain information related to the keys required to play a given set of stream(s) or <a def-id="media-data"></a>.
+              It MUST NOT contain application data, client-specific data, user-specific data, or <a href="#decryption-key">key(s)</a>.
+            </p>
           </dd>
     
           <dt id="cross-origin">Cross Origin Limitations</dt>
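Review bot: The three added requirements never say who must conform or what a user agent does with initData that violates them. "Initialization Data MUST be a fixed value" and "It MUST NOT contain application data, client-specific data, user-specific data, or key(s)" read as constraints on whoever packages the content or supplies the data, yet the paragraph names neither the application nor the packager nor the CDM, so an implementer cannot tell whether this is something to enforce or only something to assume. Suggest naming the responsible party in each sentence. Separately, "MUST only contain information related to the keys" would read more precisely as "MUST contain only", and "related to" is loose enough that almost any payload could be argued to qualify; tightening it to information needed to identify the keys would make the sentence checkable.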
--- a/encrypted-media/encrypted-media.html	Fri Oct 17 09:43:04 2014 -0700
+++ b/encrypted-media/encrypted-media.html	Fri Oct 17 10:23:02 2014 -0700
@@ -445,7 +445,7 @@
   </p>
   <h1 class="title p-name" id="title" property="dcterms:title">Encrypted Media Extensions</h1>
   
-  <h2 property="dcterms:issued" datatype="xsd:dateTime" content="2014-10-17T17:17:51.000Z" id="w3c-editor-s-draft-17-october-2014"><abbr title="World Wide Web Consortium">W3C</abbr> Editor's Draft <time class="dt-published" datetime="2014-10-17">17 October 2014</time></h2>
+  <h2 property="dcterms:issued" datatype="xsd:dateTime" content="2014-10-17T17:22:34.000Z" id="w3c-editor-s-draft-17-october-2014"><abbr title="World Wide Web Consortium">W3C</abbr> Editor's Draft <time class="dt-published" datetime="2014-10-17">17 October 2014</time></h2>
   <dl>
     
       <dt>This version:</dt>
@@ -734,6 +734,11 @@
             The Encrypted Media Extensions Stream Format and Initialization Data Format Registry [<cite><a class="bibref" href="#bib-EME-REGISTRY">EME-REGISTRY</a></cite>]
             provides the mapping from initialization data type string to the specification for each format.
             </p>
+
+            <p>Initialization Data <em class="rfc2119" title="MUST">MUST</em> be a fixed value for a given set of stream(s) or <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>.
+              It <em class="rfc2119" title="MUST">MUST</em> only contain information related to the keys required to play a given set of stream(s) or <a href="http://www.w3.org/TR/html5/embedded-content-0.html#media-data">media data</a>.
+              It <em class="rfc2119" title="MUST NOT">MUST NOT</em> contain application data, client-specific data, user-specific data, or <a href="#decryption-key">key(s)</a>.
+            </p>
           </dd>
     
           <dt id="cross-origin">Cross Origin Limitations</dt>
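Review bot: In the first added sentence, "MUST be a fixed value for a given set of stream(s) or media data" does not say what the value is fixed across. The following MUST NOT sentence rules out client-specific and user-specific data, which suggests the intent is that every client and every user sees the same initData for the same content, but the text leaves that to inference. Suggest stating it directly, for example that the value is identical regardless of the application, client or user requesting playback. This file carries the same paragraph as encrypted-media-respec.html with the RFC 2119 markup and links expanded, so any rewording belongs in the respec source, with this file regenerated from it rather than edited by hand.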