wolenetz
commented
7 months ago One part to consider including relates to #175 : to not-overoptimize cross-thread communication, as such could enable (or reduce defenses against) timing attack vectors on susceptible platforms/implementations. See https://github.com/w3c/media-source/issues/175#issuecomment-915627605
As part of the evolving W3C TAG review process, new features involve a security and privacy questionnaire (https://www.w3.org/TR/security-privacy-questionnaire/) that it would be good to have in the V2 specification to assist review of new features and, especially, to serve the intended purpose of helping implementers and web developers understand the risks that a feature presents, and to ensure that adequate mitigations are in place.