edrthomas
commented
7 years ago Addressed in Security TF call 16-11-09
As mentioned in minutes, see accepted resolution for this issue.
Open haudiobe opened 7 years ago
edrthomas
commented
7 years ago Addressed in Security TF call 16-11-09
As mentioned in minutes, see accepted resolution for this issue.
Submitter: Giri Mandyam “The value ‘2’ is registered as the ‘DASH-IF Token Transport’.” This is an insufficient definition for STT, as there is no indication as to whether the transport occurred via TLS or plain HTTP. Moreover, the definition of STT (“…used for signalling the method through which the Signed Token is transported from the CDN to the UA and vice versa”) implies that this is not a valid field for Use Cases 1 and 2 in the document, where the client communicates directly with the origin server without CDN intermediation.