W3C home > Mailing lists > Public > public-html-media@w3.org > June 2012

Re: [EME] Key Release

From: David Dorwin <ddorwin@google.com>
Date: Fri, 22 Jun 2012 15:33:10 -0700
Message-ID: <CAHD2rsgehcR5gJ5=47N12m8_orytk3Pitw-4ex8UO6wU+Mf=vA@mail.gmail.com>
To: Mark Watson <watsonm@netflix.com>
Cc: "<public-html-media@w3.org>" <public-html-media@w3.org>
I corrected my last sentence below to:

See https://www.w3.org/Bugs/Public/show_bug.cgi?id=17470, which is tracking
*when applications can call* other methods, specifically
generateKeyRequest().


On Fri, Jun 22, 2012 at 3:30 PM, David Dorwin <ddorwin@google.com> wrote:

>
>
> On Tue, Jun 19, 2012 at 8:52 AM, Mark Watson <watsonm@netflix.com> wrote:
>
>>
>>  On Jun 11, 2012, at 11:57 PM, David Dorwin wrote:
>>
>> https://www.w3.org/Bugs/Public/show_bug.cgi?id=17199
>>
>>  The Key Release portion (
>> http://dvcs.w3.org/hg/html-media/raw-file/tip/encrypted-media/encrypted-media.html#key-release)
>> of the proposal hasn't received a lot of feedback, so I'd like to start a
>> discussion about it.
>>
>>  Section 4.1 gives a good overview of the problem. Briefly, the goal is
>> the provide the application with secure proof that a key is no longer
>> present on the client ("released"). The application must also be able to
>> ACK proofs. One particular thing to note is that proofs are not related
>> to any particular media element. In addition, the current API proposal does
>> not associate key release with HTMLMediaElement or any other object.
>>
>>  Some possible topics for discussion:
>>  * Multiple KeyReleaseManagers could be created, but they would all
>> represent the same data. How might we make KeyReleaseManager global or a
>> singleton?
>>
>>
>>  I would like to better understand what is the "normal" way to do this ?
>> Should this be window.mediakeyreleasemanager ? What are the issues with
>> that ?
>>
>>   * While not related to HTMLMediaElement from an API point of view, key
>> release would need to be tightly integrated with the implementation
>> underlying the rest of the proposal, which is related to HTMLMediaElement.
>>    - What is the impact on implementations?
>>    - How might we more closely associate key release
>> with HTMLMediaElement and/or the rest of the EME implementation?
>>
>>
>>  If it makes a significant difference for implementations then this
>> could be dealt with using methods on HTMLMediaElement, with the consequence
>> that you might need to create a "dummy" HTMLMediaElement to get access to
>> the proof of key release messages.
>>
>
> I think this is worth investigating. One thing we will have to address is
> ensuring that the media element implementation can be sufficiently
> initialized in the "dummy" case. See
> https://www.w3.org/Bugs/Public/show_bug.cgi?id=17470, which is tracking
> when applications can call other methods, specifically generateKeyRequest().
>
>>
>>   * How might representing sessions as objects (
>> https://www.w3.org/Bugs/Public/show_bug.cgi?id=16613) affect the design?
>>
>>
>>  I think it makes it clearer, since the "proof of key release" messages
>> are created (and stored in the CDM) exactly when a  "session" is destroyed.
>> In fact they become "proof of session destruction" instead.
>>
>>  ůMark
>>
>>
>
Received on Friday, 22 June 2012 22:33:59 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:32:56 UTC