- From: <bugzilla@jessica.w3.org>
- Date: Tue, 13 May 2014 16:09:20 +0000
- To: public-html-bugzilla@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=25434
Mark Watson <watsonm@netflix.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |watsonm@netflix.com
--- Comment #6 from Mark Watson <watsonm@netflix.com> ---
There are several reasons why EME should be restricted to having session
communication mediated by the application:
1) At least some limited security analysis with respect to the same origin
policy is possible
2) Development of cross-platform applications is greatly simplified if there is
consistent behavior across CDMs - typically, capabilities exposed by web
specifications are entirely consistent in their behaviour across platforms. In
this case we unfortunately cannot escape some differences (different platforms
may support different CDMs), but we should constrain the CDM behavior as far as
we can to be consistent.
3) The model in which a DRM communicates directly with a license server can be
implemented by browsers without EME. However, this hasn't happened. EME
introduces a new, distinct, model in the hope that this will succeed for the
browser space where the old model failed.
Finally, the modifications to existing DRM systems required to support the EME
interaction model are simple compared to the modifications required to
integrate with a browser at all. There does not seem to be a compelling
implementation-effort reason to lift the restriction.
This aspect of EME has been central to the proposal from the very first
discussions at the Web and TV workshop more than two years ago. It would be a
significant change in direction to relax it. In fact I would rather that we
strengthen this requirement in some normative way.
--
You are receiving this mail because:
You are the QA Contact for the bug.
Received on Tuesday, 13 May 2014 16:09:22 UTC