[Bug 20944] New: EME should do more to encourage/ensure CDM-level interop from bugzilla@jessica.w3.org on 2013-02-11 (public-html-bugzilla@w3.org from February 2013)

From: <bugzilla@jessica.w3.org>
Date: Mon, 11 Feb 2013 05:24:13 +0000
To: public-html-bugzilla@w3.org
Message-ID: <bug-20944-2486@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=20944

            Bug ID: 20944
           Summary: EME should do more to encourage/ensure CDM-level
                    interop
    Classification: Unclassified
           Product: HTML WG
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Encrypted Media Extensions
          Assignee: adrianba@microsoft.com
          Reporter: roc@ocallahan.org
        QA Contact: public-html-bugzilla@w3.org
                CC: mike@w3.org, public-html-media@w3.org

The current EME draft makes no attempt to encourage interop at the CDM level.
For example, the current EME draft does not forbid or even discourage a UA
vendor from promulgating a CDM that no other user-agent can support, and
encouraging the creation of content for that CDM consumable only by that
user-agent. Such an outcome would be antithetical to the mission of the W3C,
and the W3C should not bless, appear to bless, or enable such scenarios.

I believe it is possible to fix this bug without making major changes to EME or
CDM technology, without discarding existing EME/CDM requirements, and that it's
worth making at least a good-faith effort to try. I believe this should be
settled (at least to the point of committing to fix the bug) before EME
progresses further, or any requirements we need to add to EME and CDMs are
likely to be rejected as "too late".

My proposed fix is to have EME require CDMs to be registered in a central
registry. To be registered, a CDM would have to meet the following conditions:

1) Documentation must be published describing the complete operation of the
CDM, in enough detail to enable independent implementation in user-agents and
to enable content deployment by content providers, except for some set of
secret keys whose values may be withheld. (Similar to but weaker than IANA's
"specification required" registry policy.)

2) If the CDM vendor offers functionality to third parties to decrypt content
that can be decrypted by the CDM, then it must publish documentation describing
how to implement the CDM using that functionality. (E.g. if a DRM platform
vendor implements a CDM using that DRM platform, other consumers of that
platform must also be able to implement the same CDM.)

These requirements are not the only possible fix, and may in fact be an
inadequate fix, but I believe they're a lot better than nothing.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.

Received on Monday, 11 February 2013 05:24:16 UTC