- From: Alexander Adolf <alexander.adolf@me.com>
- Date: Fri, 09 Nov 2012 22:49:28 +0100
- To: Mark Watson <watsonm@netflix.com>
- Cc: Seetharama Rao Durbha <S.Durbha@cablelabs.com>, "public-web-and-tv@w3.org WG" <public-web-and-tv@w3.org>, "public-webcrypto@w3.org Group" <public-webcrypto@w3.org>
Dear Mark, On 2012-11-09, at 17:41 , Mark Watson <watsonm@netflix.com> wrote: > [...] > What we're discussing here are origin-specific pre-provisioned keys, so that, similar to the way Alexander describes, only code from https://netflix.com can access the https://netflix.com key. Yes, that's what I figured the discussion would be about. > Of course if the user can install new root certificates in their UA then any code of the user's choice can access the key. ekr made a nice proposal in another thread that would enable applications to detect this. > > Note that this topic is separate from DRM. Our use-case enables an application to achieve a secure binding to the device that is independent of the DRM. A binding to the device - of what? The content? The Web app? I *suspect* you might be thinking of the former, effectively meaning authentication of the client to the service? > In practice, choice of DRM in a world of many and varied devices is driven by many factors and players and as a result applications need to be DRM-agnostic as far as possible. > [...] Sounds slightly DVB-CPCM-ish? ;-) Thanks a lot and cheers, --alex
Received on Friday, 9 November 2012 21:50:00 UTC