- From: Joe Steele <steele@adobe.com>
- Date: Fri, 19 Oct 2012 16:08:46 -0700
- To: Mark Watson <watsonm@netflix.com>
- CC: Steven Robertson <strobe@google.com>, "<public-html-media@w3.org>" <public-html-media@w3.org>
- Message-ID: <4D9B8860-BC50-4079-8326-B38DEE6E52C9@adobe.com>
Replies inline -- Joe Steele steele@adobe.com<mailto:steele@adobe.com> On Oct 19, 2012, at 12:45 PM, Mark Watson wrote: Hi Joe, I tend to agree with Steven, though I also completely agree with what you say below about TLS. One of the objectives of the EME was to enable client scripts to be largely or entirely keysystem-agnostic (except in the actual selection of a preferred keysystem, when there is a choice). As things stand the procedure is always the same: take the initData from the needkey event, pass it back to create a MediaKeySession and then ferry messages to and fro between the CDM and the application server. Adding a space for appData creates scope for keysystems to place keysystem-specific requirements on what that contains, requiring keysystem-specific procedures on the client side. If, however, you are proposing that the appData is *opaque to the CDM*, then things might be different. i.e. the appData would be an opaque BLOB that the CDM is supposed to include within the license request message (protected by whatever mechanisms the CDM uses to protect its messages). Is that what you meant ? I'd have to think further about that. [steele] I am not sure I see the distinction here. I can already append opaque data to the initData passed in createSession from the client app. However I would have to include additional logic in the client app to encode the opaque data in a way that key-system wants. With my proposal - any CDM (including ClearKey) can use the information directly or encode it appropriately for the key server without having the encoding logic in the app itself. Regarding TLS, we have been working in the W3C WebCrypto WG to define cryptographic primitives and key storage such that you can build lightweight secure application protocols in Javascript without TLS. [steele] I considered that option, however it does not address my concern about additional encoding logic. I would prefer not to burden the app developer with writing security protocol code in their app. I could solve this in a variety of ways, e.g.: * built security protocol logic into every app that supports my CDM * allow the CDM to bring up its own user interface for gathering information * allow the CDM to snoop into the DOM and pull out predefined fields All of these seem more intrusive and less developer-friendly than what I have proposed. Joe …Mark On Oct 16, 2012, at 9:36 AM, Joe Steele wrote: Although the specific use case I cited was for authentication, this could be used by an application to include any additional information for the key system to use in subsequent key requests while not relying on TLS channel security. I have some specific reasons for not wanting to rely on TLS for this usage: 1. Establishing a TLS channel requires several back and forth messages, while a protocol that relies on known keys can be more succinct. This is a significant network scaling concern when you are talking about delivering millions of licenses (for example an Olympic event). 2. High-availability TLS endpoints are more expensive than the same server without TLS. 3. Relying on TLS requires that the root for the servers certificates be trusted on the client end. You have to purchase those certificates from one of a relatively small group of trusted vendors in order to be immediately compatible across a wide range of browsers, which introduces additional cost. Relying on an independent PKI infrastructure (while more difficult to setup) allows for some additional scaling benefits. 4. Relying on the browsers trusted roots leaves the user (and the key system) vulnerable to TLS-proxy attacks (http://www.thoughtcrime.org/software/sslsniff/). Having a more limited set of trusted roots limits the effectiveness of these attacks. I believe this change will make authors lives easier by allowing them to build high availability video applications while not limiting them to a single mechanism (TLS) for maintaining user confidentiality. This will also encourage them to write their UI in HTML as opposed to relying on browser specific behaviors/configuration for securing their information gathering. I don't believe this would encourage any more fragmentation than will exist naturally. I believe a reasonable default behavior for clearKey would be to include the additional parameters in a JSON envelope along with the key request as you have indicated you are doing. Joe Steele steele@adobe.com<mailto:steele@adobe.com> On Oct 15, 2012, at 4:19 PM, Steven Robertson wrote: This seems like it would encourage fragmentation across key systems, which would compromise the usability of the spec for authors. I'm not sure I understand the reason authentication or other side channel information couldn't be obtained through more standard means (e.g. credentialed XHR or query parameters). Further, it seems that this would not afford any additional protection against client-side manipulation or forgery. The only effective difference between passing information in the proposed manner and passing via standard means appears to be that the former is proprietary to a particular key system. Is there another motivation for this change which I'm not seeing? Our current prototypes have thus far been successful in remaining format- and key-system-agnostic except in the places where such parameters are directly required. We do this by wrapping all license requests and responses in a JSON envelope on an HTTPS request that provides a consistent, cross-environment, cross-key-system approach to common tasks such as credential verification, descriptive error signaling, and request retry. This has greatly simplified our application infrastructure and license server interface. I would very much like to maintain that simplicity, and I suspect that the proposed change would lead us away from that. On Mon, Oct 15, 2012 at 1:40 PM, Joe Steele <steele@adobe.com<mailto:steele@adobe.com>> wrote: I reopened this bug a few weeks ago because I would like to see a mechanism for passing application level parameters down into the CDM when the key session is created. As I said on on of the recent calls, my reasoning is that some CDMs may transmit authentication/authorization data in-band (that is via CDM-specific mechanisms). An example of this would be: <script> function handleKeyNeeded(event) { var video = event.target; var initData = event.initData; var appData = { username: "foo", token: "A53DF98700ABFE11", sessionNonce: "DJKGDH+!9861XxbODY1287x===" }; if (!video.keys) video.keys = MediaKeys("com.example.somesystem"); if (!video.keys) throw "Could not create MediaKeys"; var keySession = mediaKeys.createSession(mimeType, initData, appData); if (!keySession) throw "Could not create key session"; keySession.onkeymessage="handleMessage(event)"; } function handleMessage(event) { var keySession = event.target; var message = event.message; var xmlhttp = new XMLHttpRequest(); xmlhttp.open("POST", "http://.../getkey", false); xmlhttp.send(message); var key = new Uint8Array(xmlhttp.response); keySession.addKey(key); } </script> <video src="foo.dash" autoplay onneedkey="handleKeyNeeded(event)" onkeymessage="handleMessage(event)"></video> The appData parameter would be optional and NULL by default. CDM's which do not handle this parameter could simply ignore it if passed. This is a use-case which would be used by at least one content protection mechanism today, possibly more than one. Joe Steele steele@adobe.com<mailto:steele@adobe.com>
Received on Friday, 19 October 2012 23:09:14 UTC