[Bug 21104] New: Distinguish between CDMs that allow the users to have digital access to the decrypted or decoded data versus those that do not. from bugzilla@jessica.w3.org on 2013-02-25 (public-html-bugzilla@w3.org from February 2013)

From: <bugzilla@jessica.w3.org>
Date: Mon, 25 Feb 2013 03:21:00 +0000
To: public-html-bugzilla@w3.org
Message-ID: <bug-21104-2486@http.www.w3.org/Bugs/Public/>
https://www.w3.org/Bugs/Public/show_bug.cgi?id=21104

            Bug ID: 21104
           Summary: Distinguish between CDMs that allow the users to have
                    digital access to the decrypted or decoded data versus
                    those that do not.
    Classification: Unclassified
           Product: HTML WG
           Version: unspecified
          Hardware: PC
                OS: Windows NT
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Encrypted Media Extensions
          Assignee: adrianba@microsoft.com
          Reporter: fredandw@live.com
        QA Contact: public-html-bugzilla@w3.org
                CC: mike@w3.org, public-html-media@w3.org

A common technical issue that needs clarification and definition is to
distinguish between CDMs that allow the user to have digital access to
the decrypted or decoded data versus those that do not.

This is needed to support discussion of a range of open bugs such
as: assessing the scope of the uses cases to open source web
browsers and open source operating systems, and for assessing
the security and privacy implications, etc.  For example, text
that addresses the privacy implications will need to separately
discuss these distinct CDMs.


I suggest adopting the following definitions to aid communication:

1.2.1. Content Decryption Module (CDM)

This section is non-normative.

The Content Decryption Module (CDM) is a generic term for a software
or hardware module that decrypts and/or decodes data.  A CDM can be
classified into either a SCDM or DRM-CDM defined below.  The
implementation of the CDM is transparent to the API and application
and a user agent may expose one or more CDMs to the API.  The
interface between the CDM is explicitly not defined here, and
a user agent update may be required to support new CDMs, but the
goal is to avoid the web app. needing to be changed.


1.2.2 SCDM - Secure Content Decryption Module 

This section is non-normative.

The Secure Content Decryption Module (SCDM) is a generic term for a
CDM for which the user is technically able to access the digital
decrypted output of the CDM on user implemented web browsers and/or on
user implemented operating systems including open source
implementations.  The SCDM will typically offer transport level
security to prevent copying of the content by a third party while in
transit to the users computer, but a SCDM also includes the degenerate
case of a CDM that has weak or no end to end encryption.  The set of
SCDMs is disjoint from the set of DRM-CDMs defined below.  It would be
expected that a SCDM could become an open standard and could be
implemented in an open source web browser and/or on an open source
operating syste.  A SCDM running in a proprietary stack does not make
the SCDM a DRM-CDM - it is the possibility that the user could use the
SCDM on their own stack.  A DRM-CDM being used without license on a
user implemented stack that bypasses restrictions does not qualify the
CDM to be defined as a SCDM.


1.2.3 DRM-CDM - a Digital Rights Management Content Decryption Module 

This section is non-normative.

The Digital Rights Management Content Decryption Module (DRM-CDM) is a
generic term for a CDM for which the user is technically restricted
from accessing the digital decrypted output of the CDM.  For example,
this could be done by the DRM-CDM author conspiring with a proprietary
operating system vendor to limit the users access to the decrypted
output, or it could be done by implementing the DRM-CDM in proprietary
hardware that restricts user access.  By definition a user implemented
(including open source) web browser could not implement an integrated
DRM-CDM as the user could technically access the decrypted output.  By
definition a user implemented operating system (including open source)
could not host a DRM-CDM as the user could technically access the
decrypted output.  A DRM-CDM would be expected to be licensed to
proprietary operating system vendors under restrictive terms, and the
DRM-CDM would be expected to use patented technology.  By definition
the set of DRM-CDMs is disjoint from the set of SCDMs.  A SCDM running
on a restricted proprietary stack does not make the SCDM a DRM-CDM, as
the user would have the option to simply switch to an more open
platform.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
Received on Monday, 25 February 2013 03:21:02 UTC