A proposal on EME from Mhyst on 2013-10-02 (public-html-media@w3.org from October 2013)

From: Mhyst <mhysterio@gmail.com>
Date: Wed, 2 Oct 2013 17:21:50 +0200
To: "public-html-media@w3.org" <public-html-media@w3.org>
Message-ID: <CAF9YMwXzv120MQxU_seF14Hu3LMAOkak_BXzTuVw2YHC4bvBYw@mail.gmail.com>

Hello,

The main problem with EME is that CDM have little or no restrictions at
all. That is too much power for the CDM developers and many people won't
trust them. We've talked about the security and privacy risks it may
convey. I think this is an obstacle in the path to advance EME.

I propose a radical modification to EME including the controlled execution
of the CDM. Sandboxing the execution of the CDM code, like SecurityManager
class does for Java, will restrict the CDM to just decryption. The code can
still be secret but not many people would complain.

Sorry for my bad english. I'm sure someone can give much better explanation
than I'm able to do. I hope we can work in a real solution without giving
out users privacy and security.

Cheers

Received on Wednesday, 2 October 2013 15:22:23 UTC