[Bug 26887] Allowing license servers and CDMs to control data persistence and secure release from bugzilla@jessica.w3.org on 2014-10-31 (public-html-bugzilla@w3.org from October 2014)

From: <bugzilla@jessica.w3.org>
Date: Fri, 31 Oct 2014 06:51:18 +0000
To: public-html-bugzilla@w3.org
Message-ID: <bug-26887-2486-3QTto4FyXz@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=26887

David Dorwin <ddorwin@google.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Whiteboard|                            |API_Compatibility

--- Comment #14 from David Dorwin <ddorwin@google.com> ---
(In reply to Jerry Smith from comment #13)
Some initial feedback.

> That feedback included these specific requests:
...
> 4. If multiple persistent licenses were available, the app should be able to
> select which it uses
How is this accomplished?

> Our revised proposal would:
...
> 2. Separate secure release session retrieval from re-using persisted
> licenses.  We’ve continued that in the model of the current spec with a
> session retrieval an remove methods.
Does this mean it is not possible to load a session for use in playback via
sessionId?
Is there a reason for this limitation? Some apps might wish to load by
sessionId.
Why wouldn't remove() 

> We’ve not resolved the issue about apps selecting from specific persisted
> licenses.  We’d not believed this was an issue previously in our DRM, and
> think it deserves further discussion.
I guess this answers my first question above.

> interface MediaKeys {
...
>     Promise<void>                   removeKey (sequence<ArrayBuffer>);      
> Removes keys based on keyId, including persisted copies (affects all
> relevant existing MediaKeySessions)
This seems really odd and has all the issues with removing parts of a license
(session) and multiple licenses having the key ID (you say to remove it from
all). I really think this should be addressed by operating on a
MediaKeySession. Why is this necessary?

>     Promise<void>                   removeAllKey ();  Removes all keys
> currently loaded, including persisted copies (affects all relevant existing
> MediaKeySessions)
>  };
Why is this necessary? The application could just as easily call remove on each
session and use .all().

> interface MediaKeySession : EventTarget {
...
>     Promise<void>                  request (DOMString initDataType,
> BufferSource initData);
This doesn't actually request anything - it generates a request to send (be
used in the request).

>     Promise<boolean>               retrieve (DOMString sessionId);        
> Loads session data based on sessonId, except for keys
See above - I'm not sure why this is different from load().

> This does some renaming that I hope doesn't confuse the discussion:
> 
> 1. The previous generateRequest becomes request
See above.
> 2. The previous load becomes retreive (for session data retreival)
See above.
> 3. A new load is used to attempt loading persistent licenses
> 4. New removeKey and removeAllKeys are intended to remove specific keys
> based on individual keyId or remove all keys currently loaded
See above - can you explain the reason for theses?

-- 
You are receiving this mail because:
You are the QA Contact for the bug.

Received on Friday, 31 October 2014 06:51:19 UTC