[Bug 17673] Define Initialization Data for implementations that choose to support the ISO Base Media File Format from bugzilla@jessica.w3.org on 2013-08-23 (public-html-bugzilla@w3.org from August 2013)

From: <bugzilla@jessica.w3.org>
Date: Fri, 23 Aug 2013 11:22:01 +0000
To: public-html-bugzilla@w3.org
Message-ID: <bug-17673-2486-Y3aNlGDcji@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=17673

--- Comment #24 from Henri Sivonen <hsivonen@hsivonen.fi> ---
(In reply to comment #20)
> A device manufacturer can put a newer browser on a device with an older
> implementation of a protection system, and that older protection system
> might require something beyond key ID and URL. For instance, older versions
> of PlayReady require a checksum of the content key to be present in the
> initialization data in order to generate a challenge.

Are there legacy DRM implementations out there whose key exchange messaging
maps to EME other than PlayReady? That is, are we talking about something
that's truly a broader issue or something that's PlayReady-specific in
practice? For example, on the mailing list, it was established that existing
versions of Marlin don't match the EME architecture, so it seems that  in the
Marlin case, old implementations out there couldn't be leveraged anyway.

Even in the PlayReady case, it seems that in order  for the scenario you
mentioned to actually matter all the following would need to be true:
 * The old DRM system has API surface for emitting key requests and accepting
responses in discrete messages that map to the EME API.
 * Someone who cares can  and will actually deliver a newer browser for the
device.
 * The DRM part of the device doesn't support enough software renewability to
remove the pssh  requirement from the DRM initialization as a software update 
delivered together with the newer browser.
 * The old DRM system  has suitable  output capabilities for integrating into
the composition pipeline of the newer browser.

Especially considering how CE  vendors tend to treat they products as
ship-and-forget  software-wise,  it seems rather incredible that  situation
where all the above points are true could arise at all let alone be common.

Are there concrete cases where the above points could be true and where someone
is actually seriously contemplating shipping in your browser for a device that
has an older DRM system that can be made to work with EME on the device, but
the DRM system can't be renewed to waive the pssh  requirement?

-- 
You are receiving this mail because:
You are the QA Contact for the bug.

Received on Friday, 23 August 2013 11:22:03 UTC