W3C home > Mailing lists > Public > public-html@w3.org > February 2012

Re: Open Source implementations Re: Encrypted Media proposal (was RE: ISSUE-179: av_param - Chairs Solicit Alternate Proposals or Counter-Proposals)

From: Mark Watson <watsonm@netflix.com>
Date: Tue, 28 Feb 2012 04:13:43 +0000
To: Kornel Lesiński <kornel@geekhood.net>
CC: "<public-html@w3.org>" <public-html@w3.org>
Message-ID: <B3289059-8FB2-4BD3-B8C6-FEF60F291EE0@netflix.com>

On Feb 27, 2012, at 7:54 PM, Kornel Lesiński wrote:

On Tue, 28 Feb 2012 01:55:18 -0000, Mark Watson <watsonm@netflix.com<mailto:watsonm@netflix.com>> wrote:

There are also use cases where the content provider, for whatever reasons, is confident that authorized users will not pass the key or content to unauthorized users and in these cases too the "clearkey" system has value.

Sorry, I don't see logic in this.

If user is trusted not to share the content, how can there be value in ineffectively trying to protect content from being shared?

There are authorized and unauthorized users. The content should not be shared with the unauthorized ones and this can be done by encrypting it - both in storage and transport.

But there could be cases where the authorized users are trusted not to share the content or the keys. For example, if the video is a family video and the authorized users are members of my family, I may trust them not to share the content outside the family just because I ask them not to. Or the authorized users may all be employees of a company and recognize the importance to the company of not sharing the content outside the company.

I'm sure there are other examples. I was just arguing that clearkey has some utility compared to Henri's proposal to just use https in these cases.

...Mark


--
regards, Kornel Lesiński



Received on Tuesday, 28 February 2012 04:14:13 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 9 May 2012 00:17:46 GMT