search

w3c / webcodecs

WebCodecs is a flexible web API for encoding and decoding audio and video.
https://w3c.github.io/webcodecs/
Other
987 stars 136 forks source link

Fix usage of RFC2119 words in privacy and security section #685

Closed padenot closed 1 year ago

padenot commented 1 year ago

This fixes #648.

Preview | Diff

padenot commented 1 year ago

So we can't add rfc2119 verbs to non-normative sections see the manual of style, so we need to make a decision here.

I think this recommendation is fair (although I'm now wondering why it mentions "output" as well), but I'm wondering what others think, @dsanders11, @youennf?

I think there's agreement that mutating memory that's been passed to as an input is dangerous (that's why there are copies for now, and other mechanisms are being considered), but do implementations prevent mutating the output of codecs (e.g. mutating the encoded bytes after encoding, or mutating the media after decoding)?

dalecurtis commented 1 year ago

@sandersdan

In general, we're likely to defer to you and Chris on the matters of legalese :)

chrisn commented 1 year ago

I think this recommendation is fair

Yes, I agree.

Another instance I just noticed is:

User Agents SHOULD mitigate this risk by extensively fuzzing their implementation

which could be rephrased as "We expect that user agents will mitigate this risk by" (to avoid "should" or "recommend")

chrisn commented 1 year ago

Hang on, why merge this when there are unresolved comments?

aboba commented 1 year ago

Opened Issue for the remaining items: https://github.com/w3c/webcodecs/issues/689

PR addressing them is here: https://github.com/w3c/webcodecs/pull/690

chrisn commented 1 year ago

Thanks! I'll file a PR for https://github.com/w3c/webcodecs/pull/685#issuecomment-1602409644