W3C home > Mailing lists > Public > public-web-and-tv@w3.org > November 2012

Re: Unique identifiers and WebCrypto

From: Alexander Adolf <alexander.adolf@me.com>
Date: Fri, 09 Nov 2012 22:49:28 +0100
Cc: Seetharama Rao Durbha <S.Durbha@cablelabs.com>, "public-web-and-tv@w3.org WG" <public-web-and-tv@w3.org>, "public-webcrypto@w3.org Group" <public-webcrypto@w3.org>
Message-id: <EE1EBDAF-89B5-4F48-B17E-F86B7DF70BBA@me.com>
To: Mark Watson <watsonm@netflix.com>
Dear Mark,

On 2012-11-09, at 17:41 , Mark Watson <watsonm@netflix.com> wrote:

> [...]
> What we're discussing here are origin-specific pre-provisioned keys, so that, similar to the way Alexander describes, only code from https://netflix.com can access the https://netflix.com key.

Yes, that's what I figured the discussion would be about.

> Of course if the user can install new root certificates in their UA then any code of the user's choice can access the key. ekr made a nice proposal in another thread that would enable applications to detect this.
> Note that this topic is separate from DRM. Our use-case enables an application to achieve a secure binding to the device that is independent of the DRM.

A binding to the device - of what? The content? The Web app? I *suspect* you might be thinking of the former, effectively meaning authentication of the client to the service?

> In practice, choice of DRM in a world of many and varied devices is driven by many factors and players and as a result applications need to be DRM-agnostic as far as possible.
> [...]

Sounds slightly DVB-CPCM-ish?  ;-)

Thanks a lot and cheers,

Received on Friday, 9 November 2012 21:50:00 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:44:07 UTC