Re: 2 questions

Just throwing it out here, since DRM over TLS is pointless, why not just fold DRM schemes into TLS using the existing client certificate authentication mechanism or the like?

By standardizing DRM in TLS we also kill a lot of interoperability issues (e.g. proprietary DRM plugins that is only compatible with one browser but not another) and privacy issues (e.g. spyware in DRM plugin) and all that is needed to make DRM work is the content provider issuing and authenticating client certificates.

The same DRM in TLS mechanism can also be extended to protocols like RTP and DLNA for streaming live content. 

Sent from my iPhone

> On Apr 10, 2015, at 16:37, Roland Zink <roland@zinks.de> wrote:
> 
> TLS is of limited use for the meta-information when the browser multicasts the URL in the Referer header to 10 or more analytic/ad/library sites. Also you not necessarily learn what is played from the meta-information.
> 
>> On 10.04.2015 01:24, Martin Thomson wrote:
>> On 9 April 2015 at 15:52, OSCAR GONZALEZ DE DIOS
>> <oscar.gonzalezdedios@telefonica.com> wrote:
>>> Generalizing,
>>> when you need to use Digital Rights Management, there are no additional
>>> benefits by encrypting again with TLS.
>> Only if you don't consider the meta-information to be valuable.  Using
>> DRM won't prevent someone from learning what you are watching.
> 
> 

Received on Friday, 10 April 2015 10:21:15 UTC