Re: Clarification

The MITM attack can only succeed on the initial one-time negotiation of
credentials.  Easily resolved by installing the key first.  I recommend
sneakernet; it's what I use.

Regardless, a DRM negotiation should/would be resolved after the trust
relationship has been established by the page negotiation.  So a
vulnerability exists if that process is flawed, but it isn't the ssh MITM
threat.


On Tue, May 14, 2013 at 2:49 AM, Henri Sivonen <hsivonen@iki.fi> wrote:

> On Tue, May 14, 2013 at 12:01 AM, Rick <graham.rick@gmail.com> wrote:
> > UAs gain a level of trust with me by publishing their source so that it can
> > be vetted by the community at large.  I don't trust them blindly.
> > Publishing the source for CDMs would make it less threatening.  I see no
> > reason why this can't be done; ssh is open, and more secure for having
> > published source.
>
> ssh is a bad analog, because the trust assumptions are different. When
> Alice uses ssh to connect to sshd on Bob's server, the adversary is
> neither Alice nor Bob but Cecil who is a MITM on the network and
> controls neither the computer running ssh nor the computer running
> sshd.
>
> In the DRM case, Alice runs a CDM in order to watch movies to which
> Cecil owns the copyright from a streaming service operated by Bob. The
> adversary is Alice, so the CDM runs on a computer controlled by the
> adversary. This makes the requirements for the CDM fundamentally
> different from the requirements for ssh.
>
> But despite ssh being an inapplicable analog, in theory, it would be
> possible to publish the source code of the CDM except for the CDM's
> private key assuming that there exists a sufficiently strongly
> obfuscating compiler that can obfuscate both the binary and the
> runtime memory layout of the program. The source code of the compiler
> could be published, too, if the ways the obfuscation functions work
> can be parameterized from a random number generator. However, Alice
> cannot be allowed to perform the CDM build process. The CDM needs
> to be built by someone that Cecil trusts to perform the build process
> using the published compiler, the published CDM source and a
> cryptographically strong random number generator for parametrizing the
> compiler and for generating the CDM private key. That is, the source
> disclosure would not involve the downstream freedoms associated with
> Open Source.
>
> Don't hold your breath for the source for Hollywood-approved CDMs
> being available without an NDA, though. Even though what I said in the
> previous paragraph could work in theory, publishing the source code
> for the CDM makes developing the obfuscating compiler postulated in
> the previous paragraph a more difficult engineering undertaking than
> developing an obfuscating compiler that may rely on the secrecy of the
> CDM source code.
>
> --
> Henri Sivonen
> hsivonen@iki.fi
> http://hsivonen.iki.fi/
>



-- 

Liked it, shared it, gave a thumbs up to the great JC and moved on in a
smooth and efficient ballet of holy surfing designed to bring glory to the
lord and spread bad spelling and grammar to the filthy masses.

Amen.

Received on Tuesday, 14 May 2013 20:43:16 UTC