- From: <bugzilla@jessica.w3.org>
- Date: Mon, 07 Apr 2014 20:18:02 +0000
- To: public-html-bugzilla@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=25269 --- Comment #8 from Joe Steele <steele@adobe.com> --- (In reply to David Dorwin from comment #7) > (In reply to Joe Steele from comment #6) > > The > > information about how to use the key ID to decrypt content is contained > > within the PSSH. If the PSSH is not present, in general the DRM does not > > have enough information to retrieve the key needed to decrypt the content. > > Are you referring to information related to key chaining and/or domain keys? > CENC specifies AES-CTR mode, so it's unclear what else is necessary to map a > key ID to a decryption key and apply it. This is simple key acquisition, no chaining required. This has nothing to do with the encryption mode. This is about giving the CDM the information it requires to retrieve the key. I can give you two examples of information that might be required - the URL of the license server and the certificate used to encrypt for it. > > I wouldn't say that the key ID is not enough in general. There are plenty of > services in production where it is. It would be more precise for me to say that there are significant services in production for which this does not hold true. I agree - there are some DRMs that do not require more than the key ID because they manage everything on the server side. There are certainly services that rely on those specific DRMs. However the reason the CENC spec is written the way it is, is that for many DRMs the key ID alone is not enough to specify how to retrieve the key. -- You are receiving this mail because: You are the QA Contact for the bug.
Received on Monday, 7 April 2014 20:18:03 UTC