Re: [EME] Users of "persistent-release-message" (secure proof of key release for non-persistent licenses)? from David Dorwin on 2015-03-19 (public-html-media@w3.org from March 2015)

From: David Dorwin <ddorwin@google.com>
Date: Thu, 19 Mar 2015 14:52:14 -0700
To: Bob Lund <B.Lund@cablelabs.com>
Cc: "public-html-media@w3.org" <public-html-media@w3.org>
Message-ID: <CAHD2rsg6F-a0TL0+JhpOEwF+pEj=xSqUOgNkyWs+4fPND+pPjA@mail.gmail.com>
On Thu, Mar 19, 2015 at 2:30 PM, Bob Lund <B.Lund@cablelabs.com> wrote:

>
>
>   From: David Dorwin <ddorwin@google.com>
> Date: Thursday, March 19, 2015 at 3:24 PM
> To: Bob Lund <b.lund@cablelabs.com>
> Cc: "<public-html-media@w3. org>" <public-html-media@w3.org>
> Subject: Re: [EME] Users of "persistent-release-message" (secure proof of
> key release for non-persistent licenses)?
>
>
>
> On Thu, Mar 19, 2015 at 1:56 PM, Bob Lund <B.Lund@cablelabs.com> wrote:
>
>>
>>
>>   From: David Dorwin <ddorwin@google.com>
>> Date: Wednesday, March 18, 2015 at 4:33 PM
>> To: Bob Lund <b.lund@cablelabs.com>
>> Cc: "<public-html-media@w3. org>" <public-html-media@w3.org>
>> Subject: Re: [EME] Users of "persistent-release-message" (secure proof
>> of key release for non-persistent licenses)?
>>
>>
>>
>> On Wed, Mar 18, 2015 at 2:19 PM, Bob Lund <B.Lund@cablelabs.com> wrote:
>>
>>>
>>>
>>>   From: David Dorwin <ddorwin@google.com>
>>> Date: Wednesday, March 18, 2015 at 2:30 PM
>>> To: "<public-html-media@w3. org>" <public-html-media@w3.org>
>>> Subject: [EME] Users of "persistent-release-message" (secure proof of
>>> key release for non-persistent licenses)?
>>> Resent-From: "<public-html-media@w3. org>" <public-html-media@w3.org>
>>> Resent-Date: Wednesday, March 18, 2015 at 2:31 PM
>>>
>>>    Several of the open bugs that have been proposed for discussion at
>>> the f2f relate to "persistent-release-message
>>> <https://w3c.github.io/encrypted-media/#idl-def-MediaKeySessionType.persistent-release-message>"
>>> sessions. Other than Mark, is anyone planning to use such sessions in an
>>> application? If so, please reply with information about your use case
>>> before the telecon on March 31, to give the group time to plan for possible
>>> face-to-face discussion.
>>>
>>>
>>>  It would appear that the Limited Concurrent Streams via Key Release
>>> <https://www.w3.org/wiki/HTML/Media_Task_Force/EME_Use_Cases#Limited_Concurrent_Streams_via_Key_Release> requires
>>> the "persistent-release-message" session type. Support for this use case is
>>> important to a number of large service providers.
>>>
>>
>>  Limiting concurrent streams is important to many content providers, but
>> do these large service providers to which you refer use a (persistent)
>> secure proof of key release to do enforce such limitations? For context,
>> there are other ways to enforce concurrency limits, including Limited
>> Concurrent Streams via Key Renewal
>> <https://www.w3.org/wiki/HTML/Media_Task_Force/EME_Use_Cases#Limited_Concurrent_Streams_via_Key_Renewal>
>> .
>>
>>
>>  Key renewal is an acceptable alternative when the CDM has network
>> connectivity to the license server. What about the case where there isn't
>> network connectivity? In this case the app would want to notify the server
>> of key release once re-connected. Would this be a  persistent-license
>> <https://w3c.github.io/encrypted-media/#idl-def-MediaKeySessionType.persistent-license>
>>  or persistent-release-message
>> <https://w3c.github.io/encrypted-media/#idl-def-MediaKeySessionType.persistent-release-message>
>>  session?
>>
>
>  Can you describe the use case(s) you are thinking about? Specifically,
> what is the reason for lack of network connectivity?
>
>  For example, one such use case is offline (i.e. on an airplane). In that
> case (Persisted License / Offline
> <https://www.w3.org/wiki/HTML/Media_Task_Force/EME_Use_Cases#Persisted_License_.2F_Offline>),
> the app would download the content to the device and use
> "persistent-license". Both the content and license are persisted locally
> and can be used at any time. The license remains until explicitly removed.
> This can be performed and/or reported to the server next time the user is
> online.
>
>
>  This is the use case but the wiki description is out of date as it
> refers to a "persistent" session type. I'm asking what the equivalent is -
> "persistent–license" or "persistent-release-message". I'm guessing
> "persistent-license" but want to make sure.
>

Yes, "persistent-license". I've updated that wiki page to reflect this and
other API changes.

>
>
>>
>>>
>>>  Note: This session type specifically relates to persisting a secure
>>> proof of key/license release for *non-persistent* licenses for later
>>> retrieval. It does *not* apply to release messages related to
>>> persistent licenses (“persistent-license
>>> <https://w3c.github.io/encrypted-media/#idl-def-MediaKeySessionType.persistent-license>”
>>> sessions) or even release messages from “temporary” sessions that do not
>>> need to be persisted.
>>>
>>>  David
>>>
>>>
>>
>
Received on Thursday, 19 March 2015 21:53:04 UTC