Re: Comments on w3ctag/eme/

From: Henri Sivonen <hsivonen@hsivonen.fi>
Date: Thu, 27 Feb 2014 10:22:45 +0200
Message-ID: <CANXqsRL3+TYf5Y-C_76OcXME9JmO7eAVbzfDWr65J3OirRyzHQ@mail.gmail.com>
To: Jim Taylor <jimktaylor54@yahoo.com>
Cc: www-tag <www-tag@w3.org>

On Thu, Feb 27, 2014 at 1:45 AM, Jim Taylor <jimktaylor54@yahoo.com> wrote:
>> From: Henri Sivonen <hsivonen@hsivonen.fi>
> ...
>
>> When software implemented by anyone can't be what acquires the keys, the next best solution for achieving platform independence seems to be defining a virtual machine that can be implemented by anyone as a white-box environment for executing a program that's so obscure that it's effectively a black box, so that the providers of such obscure programs would only need to target the virtual-machine platform instead of having to target every non-virtual platform. In the context of the Web Platform, a Web Worker executing JavaScript is the natural answer for an execution environment.
>
> How would this enforce restrictions on the use of the decoded media?
>
> If the 'virtual machine' can be implemented by anyone then how can restrictions on the use of the outputs of the box be enforced?

This wouldn't prevent the capture of pixels or PCM samples. However,
the CDM JS program could perform client-side watermarking before
exposing the pixels or PCM samples. Compared to a no-DRM situation,
this would force (assuming the JS program indeed is sufficiently
obscure) user-distributed copies to be second-generation encodes and
the server-side wouldn't have to perform per-user watermarking and
could still enjoy the cacheability and computational load properties
that you get in the absence of server-side per-user watermarking.

Since mechanisms for hiding the pixels from the user are very
platform-dependent, pixel-hiding level of DRM is in conflict with
platform-independence. In particular, going from encrypted compressed
data to pixels is just computation and, therefore, can be performed in
obfuscated code running in a user-controlled environment. However,
going from pixels to photons is not mere computation. If you want that
step to be outside the user's control, you need to restrict the design
of the actual device in the user's possession, which inherently makes
the overall scheme platform-dependent.

As I noted in my initial message to this thread, I think Worker-based
solutions would face serious challenges in terms of their
competitiveness with device-resident CDMs on multiple counts.

-- 
Henri Sivonen
hsivonen@hsivonen.fi
https://hsivonen.fi/
Received on Thursday, 27 February 2014 08:23:12 UTC