W3C home > Mailing lists > Public > public-html-media@w3.org > June 2012

Re: [EME] Heartbeat support

From: David Dorwin <ddorwin@google.com>
Date: Fri, 22 Jun 2012 17:12:25 -0700
Message-ID: <CAHD2rsiLvcdo=_AzXx4urSKARAp=nc3nCaUjxktJh0+vrQ90bA@mail.gmail.com>
To: Mark Watson <watsonm@netflix.com>
Cc: Yang Sun <sun.yang.nj@gmail.com>, Martin Soukup <martin.soukup@irdeto.com>, "public-html-media@w3.org" <public-html-media@w3.org>
One issue with reuse of keymessage for heartbeat^ is that the application
cannot differentiate a heartbeat message from any other message^^. While
the hope is that it wouldn’t need to, one use case might be to use a
different server/URL for heartbeats than licenses. For example, a content
provider might wish to use a different server for the frequent - and
therefore high QPS on the server - heartbeats than the initial license
request. I can’t say whether supporting this is necessary, but it would be
unfortunate to essentially force the same URL to be used.

To address this and enable other potential use cases, I propose the
following:

   - Change the "defaultUrl" attribute of MediaKeyMessageEvent to "url".
   - Allow "url" for every keymessage event.
   - If specified in a keymessage event, applications should but are not
   required to send the message to the value of the "url" attribute.
      - (In most cases, applications will want to respect the "url" - it
      may have even been set via the license from the content provider
      or application. However, there might be scenarios where an application
      wants to override it, and I don't think there is a reason to specify that
      it can't. This doesn't seem to affect user agent implementations
at all. If
      the application does something it shouldn't have, playback may stop.)

I think this is a better solution than adding a separate "heartbeat" event,
adding a flag, or requiring that all messages be sent to the same URL or
processed in the same way.

^ This same issue could also affect other non-key request uses of
keymessage, but I’m not aware of any other concrete examples. Heartbeat is
also a frequent message that might lend itself to a separate URL.
^^ There are a variety of ways that this could be worked around, but they
don’t seem very clean. Similarly, a front end server may be key
system-independent and thus unable to differentiate messages to send to
various backend servers.

On Wed, Jun 13, 2012 at 9:39 AM, Mark Watson <watsonm@netflix.com> wrote:

>
>  On Jun 13, 2012, at 7:39 AM, Yang Sun wrote:
>
> The idea of single key single session
>
>
>  I don't think anyone is assuming a one-to-one relationship between keys
> and sessions. Are you proposing that ?
>
> only has meaning when the key is used for the encrypted media, but the
> keep-alive message really does not need a key used for the encrypted media,
> so we should differentiate the keep-alive message with "real" key.
>
>
>  Why ?
>
>
>  For the key rotation, I do not know for the keep-alive message, there
> will be a new key or using existing key in the keymessage().
>
>  If using existing key, why key rotation happnes?
> If usinga new key, can we using a temporary namespace key,since it has
> nothing relationship with CDM.
> Does the key in keymessage will have something relative with CDM on device?
>
>
>  I didn't understand these last two sentences - could you elaborate ?
>
>  What we're trying to achieve here is an API where the purpose of the
> message exchanges is well-defined as being to establish the necessary state
> in the CDM to decrypt the media. But the actual contents of that state:
> keys, key metadata, licenses, how many, whether they expire, whether they
> rotate etc. is all up to the keysystem. There's no real reason for the
> script to know *why* the CDM wants to exchange messages with its peer
> server - other than the 'to establish decryption state' - the script just
> facilitates the exchange.
>
>  …Mark
>
>
> On Wed, Jun 13, 2012 at 12:03 AM, Martin Soukup <martin.soukup@irdeto.com>wrote:
>
>>  I think Option 1 is simpler for the application developer and is
>> consistent with the idea that a single key has a single session. If the
>> rotation of keys will generate new sessions, however, I believe that the
>> heartbeat mechanism should be consistent and be treated as a new key
>> request since as an application developer I shouldn’t need to differentiate
>> between what kind of requests are being made.****
>>
>> ** **
>>
>> Similar to the question that came up on the call, how does the keymessage
>> identify the media element?****
>>
>> ** **
>>
>> Martin****
>>
>> ** **
>>
>> *From:* David Dorwin [mailto:ddorwin@google.com]
>> *Sent:* June-12-12 2:12 AM
>> *To:* public-html-media@w3.org
>> *Subject:* [EME] Heartbeat support****
>>
>> ** **
>>
>> https://www.w3.org/Bugs/Public/show_bug.cgi?id=16738****
>>
>> ** **
>>
>> Some content providers require a heartbeat from the client device.
>> Implementations often involve a message being generated by the decryption
>> module and being ACK'd by the server. The APIs in the proposal were
>> designed to allow such additional features without requiring API changes.
>> However, there are multiple ways heartbeat might be implemented, and it
>> probably makes sense to provide guidance to avoid fragmentation.****
>>
>> ** **
>>
>> The current draft mentions two potential implementations at
>> http://dvcs.w3.org/hg/html-media/raw-file/tip/encrypted-media/encrypted-media.html#faq-heartbeat
>> :****
>>
>>  1) Use keymessage to continue the current session****
>>
>>  2) Start a new message exchange procedes in exactly the same way as
>> the initial message exchange, with the exception that the Key System and
>> Session ID are known when the needkey event is sent.****
>>
>> ** **
>>
>> In option 1, keymessage would be used to provide the heartbeat, which
>> must be ACK'd by the server. The thought is that this ACK would be provided
>> via addKey(). Assuming we make the change in
>> https://www.w3.org/Bugs/Public/show_bug.cgi?id=16548,  addKey() is
>> always a response to a keymessage event, so that is somewhat consistent
>> with existing use cases.****
>>
>> ** **
>>
>> Option 2 is very consistent with the initial key request, but seems
>> overly complex for a periodic heartbeat related to the same license.****
>>
>> ** **
>>
>> If we feel heartbeat is common enough, another option would be to add
>> explicit support for heartbeat, as is the case for key release. However,
>> unlike key release, heartbeat can be handled within the existing APIs, and
>> we want to avoid adding specific features to the API as much as possible.
>> ****
>>
>> ** **
>>
>> Mark has provided his input in the bug. Does anyone else have a
>> preference?****
>>
>
>
>
>  --
> Yang
> Huawei
>
>
>
Received on Saturday, 23 June 2012 00:13:19 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:32:56 UTC