- From: David Dorwin <ddorwin@google.com>
- Date: Fri, 22 Jun 2012 15:33:10 -0700
- To: Mark Watson <watsonm@netflix.com>
- Cc: "<public-html-media@w3.org>" <public-html-media@w3.org>
- Message-ID: <CAHD2rsgehcR5gJ5=47N12m8_orytk3Pitw-4ex8UO6wU+Mf=vA@mail.gmail.com>
I corrected my last sentence below to:
See https://www.w3.org/Bugs/Public/show_bug.cgi?id=17470, which is tracking
*when applications can call* other methods, specifically
generateKeyRequest().
On Fri, Jun 22, 2012 at 3:30 PM, David Dorwin <ddorwin@google.com> wrote:
>
>
> On Tue, Jun 19, 2012 at 8:52 AM, Mark Watson <watsonm@netflix.com> wrote:
>
>>
>> On Jun 11, 2012, at 11:57 PM, David Dorwin wrote:
>>
>> https://www.w3.org/Bugs/Public/show_bug.cgi?id=17199
>>
>> The Key Release portion (
>> http://dvcs.w3.org/hg/html-media/raw-file/tip/encrypted-media/encrypted-media.html#key-release)
>> of the proposal hasn't received a lot of feedback, so I'd like to start a
>> discussion about it.
>>
>> Section 4.1 gives a good overview of the problem. Briefly, the goal is
>> the provide the application with secure proof that a key is no longer
>> present on the client ("released"). The application must also be able to
>> ACK proofs. One particular thing to note is that proofs are not related
>> to any particular media element. In addition, the current API proposal does
>> not associate key release with HTMLMediaElement or any other object.
>>
>> Some possible topics for discussion:
>> * Multiple KeyReleaseManagers could be created, but they would all
>> represent the same data. How might we make KeyReleaseManager global or a
>> singleton?
>>
>>
>> I would like to better understand what is the "normal" way to do this ?
>> Should this be window.mediakeyreleasemanager ? What are the issues with
>> that ?
>>
>> * While not related to HTMLMediaElement from an API point of view, key
>> release would need to be tightly integrated with the implementation
>> underlying the rest of the proposal, which is related to HTMLMediaElement.
>> - What is the impact on implementations?
>> - How might we more closely associate key release
>> with HTMLMediaElement and/or the rest of the EME implementation?
>>
>>
>> If it makes a significant difference for implementations then this
>> could be dealt with using methods on HTMLMediaElement, with the consequence
>> that you might need to create a "dummy" HTMLMediaElement to get access to
>> the proof of key release messages.
>>
>
> I think this is worth investigating. One thing we will have to address is
> ensuring that the media element implementation can be sufficiently
> initialized in the "dummy" case. See
> https://www.w3.org/Bugs/Public/show_bug.cgi?id=17470, which is tracking
> when applications can call other methods, specifically generateKeyRequest().
>
>>
>> * How might representing sessions as objects (
>> https://www.w3.org/Bugs/Public/show_bug.cgi?id=16613) affect the design?
>>
>>
>> I think it makes it clearer, since the "proof of key release" messages
>> are created (and stored in the CDM) exactly when a "session" is destroyed.
>> In fact they become "proof of session destruction" instead.
>>
>> …Mark
>>
>>
>
Received on Friday, 22 June 2012 22:33:59 UTC