RE: http+aes

> From: Poul-Henning Kamp [mailto:phk@phk.freebsd.dk]
> Sent: Monday, 05 March, 2012 19:19
> To: Ian Hickson
> 
> The proffered strawman about copyright protection is not credible:
> 
> You cut and paste the link, and anybody who receives it can view
> the copyrighted object, and you have no idea who leaked it.

Actually, I think it's potentially worse than that. Consider this case:

- Publisher puts 100 copies of each resource on CDN, each encrypted with
a different key.
- When a registered user requests a copy of a resource from Publisher,
they're given one of the hundred keys, chosen at random; Publisher
records this {user,resource,key} tuple.
- As {resource,key} pairs are leaked, publisher can make a probablisitic
argument about which users are leaking keys. For a single {resource,key}
pair, publisher has already narrowed the search down to one percent of
the users who requested that resource.
- If a relatively small number of the keys for a given resource are ever
leaked, and some users are much more prolific leakers than others,
publisher can identify those "evil users" with good probability.

This potentially gives publishers a way to make probabilistic arguments
for pushing liability onto their customers (surprise!), at a 100x (or
whatever N a publisher thinks will be optimal) increase in storage
costs. And storage is cheap.

Would such an argument stand up in court? I don't know, but I wouldn't
want to be the one fighting it. And, of course, it puts users in the
position of having to prove their keys weren't stolen.

It also opens the door to region-locking schemes and similar annoyances.

-- 
Michael Wojcik
Technology Specialist, Micro Focus

This message has been scanned by MailController - portal1.mailcontroller.co.uk

Received on Wednesday, 7 March 2012 15:14:43 UTC