[EME] Fix RFC 4949 link
authorAdrian Bateman <adrianba@microsoft.com>
Thu, 14 Nov 2013 11:49:29 +0800
changeset 202 cd6d675caeb2
parent 201 cccd6d78bd9f
child 203 42d23ada7eca
[EME] Fix RFC 4949 link
encrypted-media/encrypted-media.html
encrypted-media/encrypted-media.xml
--- a/encrypted-media/encrypted-media.html	Thu Nov 14 09:26:33 2013 +0800
+++ b/encrypted-media/encrypted-media.html	Thu Nov 14 11:49:29 2013 +0800
@@ -1085,7 +1085,7 @@
     <p><i>This section is non-normative.</i></p>
     
     <p>Key system implementations must consider initialization data, key data and media data as potential attack vectors and must take care to safely parse, decrypt etc. initialization data, key data and media data. User Agents may want to validate data before passing it to the CDM, especially if the CDM does not run in the same (sandboxed) context as the DOM (i.e. rendering). </p>
-    <p>It is STRONGLY RECOMMENDED that key data and media data do not contain active content [<a href="http://www.ietf.org/rfc/rfc4949.txt&gt;" title="Shirey, R., Internet Security Glossary, Version 2, RFC 4949, August 2007, IETF">SECURITY GLOSSARY</a>].  If a Key System implementation supports the interpretation or execution of such active content then it is STRONGLY RECOMMENDED that User Agents make use of sandbox techniques to restrict the scope of access that the CDM has to the user's device. In any case, User Agent and Key System implementers should consider the threats, risks, and safeguards described in [<span title="Jansen, W, et al., Guidelines on Active Content and Mobile Code, Special Publication 800-28, Version 2, 2008, National Institute of Standards and Technology (NIST)">ACTIVE CONTENT</span>].</p>
+    <p>It is STRONGLY RECOMMENDED that key data and media data do not contain active content [<a href="http://www.ietf.org/rfc/rfc4949.txt" title="Shirey, R., Internet Security Glossary, Version 2, RFC 4949, August 2007, IETF">SECURITY GLOSSARY</a>].  If a Key System implementation supports the interpretation or execution of such active content then it is STRONGLY RECOMMENDED that User Agents make use of sandbox techniques to restrict the scope of access that the CDM has to the user's device. In any case, User Agent and Key System implementers should consider the threats, risks, and safeguards described in [<span title="Jansen, W, et al., Guidelines on Active Content and Mobile Code, Special Publication 800-28, Version 2, 2008, National Institute of Standards and Technology (NIST)">ACTIVE CONTENT</span>].</p>
     <p>User Agents are responsible for providing users with a secure way to browse the web. Since User Agents may integrate with third party CDM implementations, CDM implementors must provide sufficient information and controls to user agent implementors to enable them to properly asses the security implications of integrating with the Key System.</p>
     <p>Note: unsandboxed CDMs (or CDMs that use platform features) and UAs that use them must be especially careful in all areas of security, including parsing of key and media data, etc. due to the potential for compromises to provide access to OS/platform features, interact with or run as root, access drivers, kernel, firmware, hardware, etc., all of which may not be written to be robust against hostile software or web-based attacks. Additionally, CDMs may not be updated with security fixes as frequently, especially when part of the OS, platform or hardware.</p>
     
--- a/encrypted-media/encrypted-media.xml	Thu Nov 14 09:26:33 2013 +0800
+++ b/encrypted-media/encrypted-media.xml	Thu Nov 14 11:49:29 2013 +0800
@@ -1024,7 +1024,7 @@
     <non-normative-section/>
     
     <p>Key system implementations must consider initialization data, key data and media data as potential attack vectors and must take care to safely parse, decrypt etc. initialization data, key data and media data. User Agents may want to validate data before passing it to the CDM, especially if the CDM does not run in the same (sandboxed) context as the DOM (i.e. rendering). </p>
-    <p>It is STRONGLY RECOMMENDED that key data and media data do not contain active content [<a href="http://www.ietf.org/rfc/rfc4949.txt>" title="Shirey, R., Internet Security Glossary, Version 2, RFC 4949, August 2007, IETF">SECURITY GLOSSARY</a>].  If a Key System implementation supports the interpretation or execution of such active content then it is STRONGLY RECOMMENDED that User Agents make use of sandbox techniques to restrict the scope of access that the CDM has to the user's device. In any case, User Agent and Key System implementers should consider the threats, risks, and safeguards described in [<span title="Jansen, W, et al., Guidelines on Active Content and Mobile Code, Special Publication 800-28, Version 2, 2008, National Institute of Standards and Technology (NIST)">ACTIVE CONTENT</span>].</p>
+    <p>It is STRONGLY RECOMMENDED that key data and media data do not contain active content [<a href="http://www.ietf.org/rfc/rfc4949.txt" title="Shirey, R., Internet Security Glossary, Version 2, RFC 4949, August 2007, IETF">SECURITY GLOSSARY</a>].  If a Key System implementation supports the interpretation or execution of such active content then it is STRONGLY RECOMMENDED that User Agents make use of sandbox techniques to restrict the scope of access that the CDM has to the user's device. In any case, User Agent and Key System implementers should consider the threats, risks, and safeguards described in [<span title="Jansen, W, et al., Guidelines on Active Content and Mobile Code, Special Publication 800-28, Version 2, 2008, National Institute of Standards and Technology (NIST)">ACTIVE CONTENT</span>].</p>
     <p>User Agents are responsible for providing users with a secure way to browse the web. Since User Agents may integrate with third party CDM implementations, CDM implementors must provide sufficient information and controls to user agent implementors to enable them to properly asses the security implications of integrating with the Key System.</p>
     <p>Note: unsandboxed CDMs (or CDMs that use platform features) and UAs that use them must be especially careful in all areas of security, including parsing of key and media data, etc. due to the potential for compromises to provide access to OS/platform features, interact with or run as root, access drivers, kernel, firmware, hardware, etc., all of which may not be written to be robust against hostile software or web-based attacks. Additionally, CDMs may not be updated with security fixes as frequently, especially when part of the OS, platform or hardware.</p>