[Bug 21104] Distinguish between CDMs that allow the users to have digital access to the decrypted or decoded data versus those that do not. from bugzilla@jessica.w3.org on 2013-02-25 (public-html-bugzilla@w3.org from February 2013)

From: <bugzilla@jessica.w3.org>
Date: Mon, 25 Feb 2013 12:51:54 +0000
To: public-html-bugzilla@w3.org
Message-ID: <bug-21104-2486-iTzBdaunwr@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=21104

--- Comment #3 from Fred Andrews <fredandw@live.com> ---
(In reply to comment #2)
> (In reply to comment #0)
> > 1.2.2 SCDM - Secure Content Decryption Module 
> > 
> > This section is non-normative.
> > 
> > The Secure Content Decryption Module (SCDM) is a generic term for a
> > CDM for which the user is technically able to access the digital
> > decrypted output of the CDM on user implemented web browsers and/or on
> > user implemented operating systems including open source
> > implementations.  The SCDM will typically offer transport level
> > security to prevent copying of the content by a third party while in
> > transit to the users computer,
> 
> I think EME shouldn't pretend to involve CDMs for use cases like this.
> AFAICT, the proponents of EME don't intend to deploy EME solely for
> transport-level security. Transport-level security is already addressed by
> https. If there truly was demand for masking content on CDNs from CDN
> operators, we should address that case with Hixie's http+aes—not with EME.
> 
> I object to EME suggesting that it addresses use cases of this kind.

I concur, it would be better if EME focused on the DRM use cases,
and this would be the best resolution to this issue - but this
should be clearly noted in the specification so we all agree on
what we are discussing.

However if the proponents insist on conflating both use cases in
the EME specification then it would at least help to clearly
define both so that both can be discussed distinctly within the
specification and in bug discussions.

It is not even clear from the EME specification if the 'clear key'
CDM is a DRM-CDM or a SCDM?

> > 1.2.3 DRM-CDM - a Digital Rights Management Content Decryption Module 
> 
> The real use cases for EME seem to involve only this sort of CDMs.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.

Received on Monday, 25 February 2013 12:51:57 UTC