W3C home > Mailing lists > Public > public-webapps@w3.org > January to March 2013

DRM nonsense in HTML

From: Florian Bösch <pyalot@gmail.com>
Date: Tue, 12 Feb 2013 17:05:07 +0100
Message-ID: <CAOK8ODjQ4tWuhqs6h8yZiRfVzVnLXnahV-N92OVTAEBWKzOWcw@mail.gmail.com>
To: Webapps WG <public-webapps@w3.org>
DRM does not belong into HTML, nor into any kind of W3C standard. It does
not belong because it is not a technical capability or discipline, but a
pseudo-technical sounding attempt at obfuscation. There are fundamental
flaws with the whole media "industries" conception of DRM which are the

1) DRM attempts to use encryption with only one trusted party, obviously
that is doomed from the start.

2) In order for user-agents to do their jobs, they need to be able to
decode media to its raw representation. Since a browser cannot be trusted,
but is also the only party able to work with the data, DRM is not gonna

3) A standard is intended to define clearly how something works. There can
be no such standard for DRM because the intent is not technical, but an
exercise in obfuscation, which ipso-facto cannot be defined without defying
the intent purpose. As such it would be a standard of absence, where the
essential bits are left out, have to be left out.

4) A range of useful technical capabilities (Web Audio Data API, WebGL, CSS
shaders etc.) will not be able to work with such DRMed content precisely
because they would defy obfuscation.

5) Open source implementations of browsers cannot implement any DRM scheme,
because they would have to include an implementation into their source,
which ipso-facto, again defies the intent of obfuscation.

6) A DRMed media stream cannot trust a user-agent. It can also not trust
the operating system, the video driver or the audio driver. That leaves no
trustworthy party to actually implement the standard.

7) DRM schemes as a means of copy-protection are a red-herring of the media
industry. The real purpose is to create new barriers of entry to
competition. Interoperability is intentionally broken by means of
proprietary file-format that enjoy ridiculous legal protection. It cannot
be the purpose of the W3C to help an "industry" execute their
anti-competitive, market fracturing, barrier raising harebrained schemes. A
standard is supposed to make things work better for everyone, everywhere,
not the exact diametric opposite. A DRM standard would be exclusionary.

8) DRM methods are among the most patented technologies in existence. Any
standards body which dabbles in them and any browser vendor implementing
them would draw inevitable lawsuits from patent trolls
(non practicing entities) and real companies alike.

9) Since DRM relies solely on obfuscation, but a standard relies on
definition, the standard would be subject to a constant cat&mouse game. It
cannot be the intent of a standard to be a permanent provisorium.

Closing note: DRM is often touted by the media "industry" as a technology.
Its relationship to actual technology is about the same as the one of
faith-healing to the discipline of actual medicine. It cannot work, it
cannot be defined, yet it can hinder interoperability, ease of use and

Attempts at the corruption of standards bodies by the media "industry" (or
any other industry) have to be vehemently resisted. As a leading example of
this one needs to look no further than Microsofts subversion of ISO/ANSI on
document standards that set back adoption of common word processor
standards to this day.
Received on Tuesday, 12 February 2013 16:05:42 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 20 October 2015 13:55:56 UTC