W3C home > Mailing lists > Public > public-html-media@w3.org > June 2012

Re: [EME] Support for multiple initData values in a single session?

From: David Dorwin <ddorwin@google.com>
Date: Sat, 23 Jun 2012 18:58:12 -0700
Message-ID: <CAHD2rsjJTt7VJyTXSBcWDGbSBrOPbKecnO1c6w2_sQGykHgApg@mail.gmail.com>
To: Mark Watson <watsonm@netflix.com>
Cc: "<public-html-media@w3.org>" <public-html-media@w3.org>
On Tue, Jun 19, 2012 at 8:27 AM, Mark Watson <watsonm@netflix.com> wrote:

>  Hi David,
>
>  If we define a session by the rule that different sessions represent CDM
> state that needs a different lifecycle (create/update/delete), then there
> could at least be a one-to-many relationship between initData and sessions.
> i.e. the same initData block could be used to create multiple sessions.
>
Yes, though that seems like a less likely use case. My concern is that the
current draft does not allow a many-to-one relationship (i.e. multiple
initData blocks within a single session) and whether that is a problem.

>
>  I don't equate this as being a "single license exchange" - as per the
> other discussion on heartbeat and key rotation, the CDM can ask for a
> message exchange at any time and whether these message exchanges result in
> new 'licenses' inside the session state depends on how you define
> 'license'. Since we're not defining 'license' ourselves it must be up to
> the CDM.
>
I was using "single license" to refer to the keys/permissions for a single
initData (i.e. key or set of keys for a single stream). I did not mean to
imply a limitation on what can occur within a session or how the license
might be obtained or maintained.

The current draft assumes generateKeyRequest is only called once (and each
time it is called, a new session ID is generated), so the _application_ can
only request key(s)/license(s) once per session. The CDM can request new or
renewed licenses (as in the heartbeat discussion), but the application
cannot (i.e. if it encounters new initData).

>
>  There are two approaches for the use case where a single session can be
> used to decrypt multiple files (e.g. audio/video).
> 1) we require that all the necessary initData is included in both files,
> so the session can be initialized with one initData and when the other file
> is encountered the CDM will discover that there is a session already
> created with all the necessary state (for example the initData contains the
> key ids and the CDM recognizes it already has those keys).
>
I'd prefer not to do this since it imposes an artificial requirement on the
media files.


> 2) we would need to provide multiple initData blocks to a single session
>
If we are going to support the use case, we probably need to do this. We
would need to decide how and whether all initData values (i.e. from
multiple files) need to be provided at the beginning or can be added later
(i.e. found later in the file or after a stream switch).

>
>  In (2), it's not certain that providing additional initData to a session
> will result in a new message exchange.
>
Is there a use case for providing additional initData other than to cause a
key/license for it to be requested? Or were you just observing this might
be the case, such as with the current APIs?

>
>  Also, when new initData is encountered, who should decide whether a new
> session is required or whether this initData can be absorbed into an
> existing session ? Probably the CDM, right ?
>
As with most things in the proposal, I think the application should be
responsible for making this decision. The initData is not known to the CDM
until the application provides it. (The media element provides it to the
app, not the CDM.)


> If we use the object-oriented design, do we just overload the method which
> creates a new session (from some initData) so that it can either create a
> new one or return an existing one ?
>
I think that if we allow initData to be added, it would be via a new method
on the session object. This may look something like:
var session = video.createKeySession();
session.generateKeyRequest(initData1);
...
session.addKey(keyForInitData1);
...
session.generateKeyRequest(initData2);
...
session.addKey(keyForInitData2);

This results in multiple "license exchanges" within a single session. The
application could, of course, bundle them before sending them to the server.

Since the exchanges share a single session ID and can be correlated in that
way, we probably don't need the ability to bundle multiple initData values
within the CDM (i.e. via generateKeyRequest()). I think supporting that
would complicate the API.

>
>  ůMark
>
>
>
>
>  On Jun 11, 2012, at 10:34 PM, David Dorwin wrote:
>
> In the current draft, each successful call to generateKeyRequest()
> generates a new session. Since initData is passed to generateKeyRequest(),
> each initData would be in a separate session. I'd like to get feedback on
> whether separating each initData into a separate session or object would be
> a problem.
>
>  Possible issues with only allowing one initData value per session
> include:
>  * Each session is a separate license exchange.
>  * Applications that care about session IDs will need to deal with
> multiple IDs.
>  * In the potential sessions as objects design (
> https://www.w3.org/Bugs/Public/show_bug.cgi?id=16613), each session would
> be a separate object.
>
>  The following are some possible scenarios where multiple initData values
> may occur:
>  * Audio and video are in separate files and have different initData.
>  * Different tracks or bitrates have different initData.
>  * A container supports multiple initData values.
>
>  To allow multiple initData values per session, we would either need to
> separate session creation from providing initData or allow an array of
> initData to be provided. Both solutions would work in both the current
> and sessions as objects designs. However, note that since needkey events
> may occur at different times, the application might not know when it has
> all initData values that it needs to send. In addition, initData values
> that are encountered later (i.e. after a stream switch or later in the
> container) could not be added to the session. Addressing that would
> probably require changing the 1:1 license/session ratio.
>
>
>
Received on Sunday, 24 June 2012 01:59:02 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:32:56 UTC