Re: Request to add parameters to createSession (bug 17660)

On Tue, Oct 30, 2012 at 10:20 AM, Joe Steele <steele@adobe.com> wrote:

> [steele] I am arguing for keysystem-specific appData that is created by
> the application. I don't think this is an issue since the initData being
> passed in alongside the appData is clearly not keysystem-independent.
>

Do you not consider this (non-keysystem-independent initData for BMFF) a
flaw? I sure do. It's introduced a tremendous amount of complexity into our
implementation, forcing us to bake awareness of the available PSSHs in a
file into eight different backend services that otherwise could have been
(and indeed are, for WebM) unaware of the distinctions in availability.

Optional features are not free. They are a tax on library writers, browser
implementors, testers, and service providers; they mean additional
decisions and opportunities for error for authors; they mean additional
vendor lock-in and thus less choice for users. I don't think that this spec
is quite to the point of inevitable adoption across the industry, and that
means that we have to weigh the addition of optional features against the
potential cost of jeopardizing the adoption of the spec due to
fragmentation and overcomplexity, and I just don't see the cost savings of
not running a few TLS frontends weighing up against the potential for
compromising a video DRM system that frees users from limited platform
choice and a crappy user experience. The cost of running a billion rounds
of AES are dropping fast, but the cost of missing this opportunity will be
with us for a long time.

Received on Tuesday, 30 October 2012 17:54:55 UTC