Re: CfC: to publish Encrypted Media Extensions specification as a First Public Working Draft (FPWD) from Glenn Adams on 2013-01-31 (public-html-admin@w3.org from January 2013)

From: Glenn Adams <glenn@skynav.com>
Date: Wed, 30 Jan 2013 17:02:04 -0700
To: robert@ocallahan.org
Cc: Sam Ruby <rubys@intertwingly.net>, public-html-admin@w3.org
Message-ID: <CACQ=j+dyx8apu3U1OZEDr7izPFOMXsV4Wksj+H=zBWKJPSeiRA@mail.gmail.com>

On Wed, Jan 30, 2013 at 3:13 PM, Robert O'Callahan <robert@ocallahan.org>wrote:

> On Wed, Jan 30, 2013 at 2:40 PM, Sam Ruby <rubys@intertwingly.net> wrote:
>
>> Meanwhile, is there any way that you could sketch out the beginnings of
>> what could form the foundation for a concrete proposal that would address
>> your issue?
>>
>
> Here's what I have sketched out so far in my previous messages:
> 1) Require CDMs used with EME to be registered in a central registry.
> 2) To be registered, a CDM must be accompanied by
> documentation/specification that enables user-agents and content providers
> to interoperate with the CDM to the maximum extent possible.
>
> I've been thinking about requirement #2 a bit. Here is a proposed
> documentation requirement:
> Documentation should describe the complete operation of the CDM, in enough
> detail to enable independent implementation in user-agents and to enable
> content deployment by content providers, except for some set of secret keys
> whose values may be withheld.
>
> I believe HDCP for example already meets this bar --- and is widely
> deployed to a critical component of DRM for HD content --- so I think it's
> a reasonable requirement for a DRM system that we would bless as part of
> the Web platform.
>

So, you want to insist on a higher bar for CDMs than other modularizable
components? For example, there are no similar requirements for things like:

   - uri scheme/url protocol handlers
   - image decoders
   - video decoders
   - audio decoders
   - font decoders
   - input method editors
   - geolocation devices
   - media stream processors

While it is reasonable to define a voluntary registry, it is not reasonable
to require registration or to require that documentation be fully open. Who
would enforce this even if it were defined?

It is reasonable for particular UA vendors to impose their own business
requirements on integrable components. It is not reasonable to dictate that
all UAs follow the same policy.

Received on Thursday, 31 January 2013 00:02:53 UTC