- From: Glenn Adams <glenn@skynav.com>
- Date: Sun, 17 Feb 2013 19:02:03 -0700
- To: robert@ocallahan.org
- Cc: public-html-media@w3.org
- Message-ID: <CACQ=j+eReJSYL=FntE3HQmipiR=+4x--dwnKHqFCiVqKC5nWZA@mail.gmail.com>
On Sun, Feb 17, 2013 at 4:36 PM, Robert O'Callahan <robert@ocallahan.org>wrote:
> I told Glenn I'd follow up his comment
> https://www.w3.org/Bugs/Public/show_bug.cgi?id=20944#c2 on this list.
>
> Glenn Adams wrote:
>
>> (In reply to comment #0)
>>
> This "bug" report appears to assert that conceptual CDM architecture,
>> which is essentially a UA dependent implementation feature outside the
>> scope of EME, should be proscribed in terms of how a UA vendor chooses to
>> support specific CDM functionality and which functionality is to be
>> supported by that vendor.
>>
>> This form of mandate would represent an abrupt shift in the independence
>> of UA implementors in terms of which W3C specifications are implemented, as
>> well as how implementation specific decisions are made.
>>
>
> You seem to be objecting to the idea that a specification with extension
> points can require those extensions to be subject to some form of
> standardization. In previous email I provided evidence that this is common
> practice.
>
I consider the following to be (some, but not all) "extension points"
implicitly defined by HTML5:
- interface between UA and image codecs
- interface between UA and video codecs
- interface between UA and canvas context implementation
- interface between UA and url protocol implementation
The reason I consider them to be extensions is because the set of codecs,
contexts, and protocol services are unbounded, and not predefined by HTML5
or other referring W3C specifications. Nor does the referring
specifications define or mandate a minimum level of specific
implementations of these services. [Some external, non-W3C specifications
do define profiles that mandate specific minimum support.]
I am not disputing that one could standardize these extension points, and
some de facto standards have emerged, such as NSAPI. However, even then,
the set of extension implementations has not been standardized.
What I am claiming is that the CDM concept in EME is no different in
principle from any of the above extension points. In particular, the same
issues you cite for EME also hold:
- content interoperability when different UAs implement different sets
of codecs, canvas contexts, protocols, etc
- extension implementation interoperability when different UAs implement
different interfaces for integrating these extensions
[Whether a UA implementation prefers to call such an extension a "internal
module" or an "extension" is not relevant in my view. More specifically, I
am not suggesting that such an extension is associated with a user based
plug-in mechanism. It may be, it may not be.]
This state of affairs is simply a statement of fact about existing
interoperability issues without taking EME into account. If you wish to
dispute this characterization in separate thread, then I can do so, but my
experience as a browser developer informs my opinion and tells me this is
true.
> I agree that W3C specs usually haven't been explicit about it, but I think
> we as a community have assumed extensions that aren't standardized are a
> problem.
>
Clearly this is not a black or white issue. If it were, then we wouldn't
see UA specific features of any kind, we wouldn't see UA specific prefixed
implementations of pre-standardized Editorial Drafts (or pre-ED proposals).
We wouldn't see new experimental protocols or content formats. We wouldn't
see demands for data-* attributes, for user defined namespace support, for
custom CSS values, or a large variety of other never- or pre-standardized
features.
Since all of these extension points are not only present, but officially
sanctioned via standardized extension mechanisms, the problem is not
whether there are non-standard extensions, but how to manage the use of
extensions, and how to [eventually] promote to standard widely adopted
extensions.
That EME defines its processing semantics by making use of a didactic
device labeled CDM is not unusual in any manner. That EME does not choose
to pre-define a specific set of CDMs is also not unusual, but is in accord
with existing practices such as the separation of abstractions from
implementations, the division of semantics into abstract layers, etc.
I remember implementing a Layer 2 protocol called ChaosNet for
communicating with Symbolics work stations. I also remember implementing a
Layer 4 protocol called XNS-SPP to interoperate with Silicon Graphics work
stations. That these protocols could be used interoperably over Ethernet
and IP based networks attests to the notion of layering and abstraction of
the 7 level ISO protocol stack. Defining that stack did not requiring
pre-defining the bindings at each protocol layer.
Opposing EME because it doesn't pre-define CDMs or that by doing so reduces
interoperability seems like an exercise in throwing out the accepted
principles of software and system design. I hope that is not what you are
suggesting.
Going to back to your list, at the risk of repeating earlier discussion:
> -- if a UA vendor supports a media format, font format or canvas context
> that is not standardized and not on any path to standardization, then we
> have a problem. The size of the problem depends on how aggressively the
> vendor is promoting that feature and how much adoption it has received (or
> will receive).
>
The current HTML5 content architecture supports separation of the
standardization of mechanisms to use and access content (of different
forms) and the process of specifying and standardizing content formats and
protocols.
EME does exactly this. It provides a generic access API that is effectively
transparent to any specific CDM implementation. The process of specifying
and potentially standardizing specific CDMs, either in terms of their
intrinsic content and protocol semantics or their concrete interfaces (for
integrating with a UA) need not and should not precede the publishing of
EME itself.
By the logic that I've heard suggested, failing to publish EME without
publishing the ultimately used CDM protocols/interfaces is the same as
failing to publish HTML{Video,Media}Element APIs without choosing specific
video formats and a standardized code integration interface.
Since the W3C with strong industry support has chosen to publish
HTML{Video,Media}Element without mandating a minimum set of video codecs or
defining a codec integration interface, then it does not seem reasonable to
object to EME using principles that were not followed with media interfaces.
Is this the perfect world? No. But there is no such thing. We don't have
perfect knowledge of what we need either in terms of media format support
or content encryption support for the next 10 years or the next 1 year for
that matter. The architecture and process reflect this state of affairs,
and, therefore, the same principles should apply for EME.
> > Such an outcome would be antithetical to the mission of the W3C,
>> > and the W3C should not bless, appear to bless, or enable such scenarios.
>>
>
You appear to see this as black or white. The mission of the W3C is to
promote those principles that you cite below. Promotion does not guarantee
delivery. Even if it does deliver, it doesn't mean delivery occurs all at
once.
The content community and apparently the majority of UA vendors officially
support EME. The W3C Team has concluded that it is in scope of the HTML
Charter.
If there are reasonable, concrete actions that can be accomplished to
improve the semantics of EME or the API functions it defines, then I'm all
in favor of doing so. But claims that EME somehow threatens the mission of
the W3C or threatens the ability of a UA vendor to implement and deliver
EME functionality do not ring true to my ear or experience.
>
>> The W3C mission is well defined by its published documents and
>> particularly the W3C Process Document.
>
>
> How about this one?
> http://www.w3.org/Consortium/mission.html
> "Web For All: The social value of the Web is that it enables human
> communication, commerce, and opportunities to share knowledge. One of W3C's
> primary goals is to make these benefits available to all people, whatever
> their hardware, software, ..."
> "Web on Everything: The number of different kinds of devices that can
> access the Web has grown immensely. Mobile phones, smart phones, personal
> digital assistants, interactive television systems, voice response systems,
> kiosks and even certain domestic appliances can all access the Web."
>
> Restricting content to a particular UA runs counter to those goals.
>
Any restriction to content that depends on EME would come at the hands of
the UA vendor (by not supporting some CDM), the content author (by
requiring a specific CDM), or the content supplier/aggregator (by making
choices among available content with CDM dependencies). In none of these
cases is the restriction due to a limitation of EME as a specification.
This is no different than today's world with Flash and SilverLight, or with
certain UA dependent video codecs, etc. So, yes, I would agree that EME
doesn't solve the general interoperability problem that is permitted by EME
in terms of admitting multiple CDMs. But I would also insist that this is
not a new problem. Its one we have today with other content formats,
codecs, APIs, etc.
The W3C's mission in my reading is to provide useful specifications that
can be considered to represent some level of standardization that can be
implemented by UA vendors and content authors. While doing so, it should
promote interoperability and openness and market competition (of ideas and
technologies). What it should not do is play the role of policy gatekeeper.
There are competing and antithetical policies at play in the market and the
W3C should not endeavor to take sides one way or another. Taking sides is
just a form of censorship, no matter which side is promoted.
For example, on the issue of whether the W3C should "bless DRM controlled
content" by virtue of publishing EME, a technology that *could* be used to
disseminate such content, my response is:
- the W3C does not bless any specific usage of any technology it defines
- the W3C does not have ultimate control over which of the technologies
it defines are adopted by UA vendors or adopted by content authors
In other words, the W3C does not control the Web. It defines useful
technologies, guidelines, etc., that *may* be supported by implementations
and that *may* be used by content authors. There is no way around this
basic interoperability problem. EME doesn't change this state of affairs.
It is the marketplace (of ideas, technologies, business goals, content,
etc) that defines what the Web is. And today, that marketplace includes DRM
controlled content, disseminated every day to millions of users that
willingly pay for access to that content. EME does not change this
equation, except that it could improve interoperability by making content
available on a wider variety of devices than is the case if one is limited
to Flash and Silverlight.
>
> The development of the EME specification has occurred within the charter
>> of the HTML WG in accordance with the W3C Process (unless the reporter is
>> claiming otherwise).
>>
>
> Following the W3C Process is not enough to ensure that the W3C's goals are
> met. Creative decision-making will always be required.
>
The W3C goals you quote above do not include the concept that "every
content should or must be available to every user". Specifically, the W3C
mission does not preclude a market for paid access to content, including
reasonable measure to prevent unauthorized access.
>
> > My proposed fix is to have EME require CDMs to be registered in a central
>> > registry. To be registered, a CDM would have to meet the following
>> > conditions:
>> >
>> > 1) Documentation must be published describing the complete operation of
>> the
>> > CDM, in enough detail to enable independent implementation in
>> user-agents
>> > and to enable content deployment by content providers, except for some
>> set
>> > of secret keys whose values may be withheld. (Similar to but weaker than
>> > IANA's "specification required" registry policy.)
>> >
>> > 2) If the CDM vendor offers functionality to third parties to decrypt
>> > content that can be decrypted by the CDM, then it must publish
>> documentation
>> > describing how to implement the CDM using that functionality. (E.g. if
>> a DRM
>> > platform vendor implements a CDM using that DRM platform, other
>> consumers of
>> > that platform must also be able to implement the same CDM.)
>>
>> The reporter does not cite any technical reason why interoperability
>> would be enhanced in the presence of such a registry or reduced in the
>> absence of such a registry. However, given other similar registries, such
>> as the IETF MIME Type registry, it may useful to consider this suggestion
>> for the simple purpose of reducing the likelihood of CDM identification
>> conflict (though one might argue that the current specified use of a
>> reversed domain name already provides adequate identification conflict).
>
>
> That is not the goal of this registry. I agree that the goal of avoiding
> ID conflict doesn't justify a registry.
>
> I described some interoperability benefits of part 1 here:
> https://www.w3.org/Bugs/Public/show_bug.cgi?id=20944#c4
> I thought the benefit for part 2 was pretty clear from the parenthetical
> remark: part 2 ensures that if a CDM is implemented on top of a DRM
> platform, then any UA with an interface to that platform is able to
> implement the CDM.
>
Agreed, however:
- the existence of a CDM registry entry does not guarantee that an
implementation of the CDM is available on a given device (any more than
registry of a video codec format guarantees the video format is supported
on a device)
- the absence of a CDM registry entry does not prevent any set of CDMs
from being implemented and being available on a set of devices
For example, let's say MrBigContentCompany devises a CP system and
publishes a non-PAS definition of the system available to anyone for free
(both specification and IPR), but only under an NDA that limits disclosure
of an obfuscation technique used by the system. Let's call this system "
1.obfuscation.cdm.mrbigcontent.com".
Now, clearly the existence of this entry in a registry doesn't guarantee
that any or all UAs will implement it (they may be unwilling to sign the
NDA) or that any or all content authors will permit its use for
distribution (they might think the obfuscation inadequate).
On the other hand, the absence of this entry in a registry doesn't prevent
any UA from implementing or prevent any content author from requiring its
use for distribution. A significant community of support and use may emerge
over time. Eventually, a registry entry could be created (or not), but that
is independent of the utility or extent of use of the system.
My conclusion is that, while defining a registry is certainly reasonable
(and I would certainly support it if is similar in nature to the MIME Type
registry, i.e., permits vendor specific and private registrations with
reduced disclosure requirements), a registry is not a pre-requisitie for
publishing EME, and certainly not a pre-requisite for publishing a FPWD of
EME.
Regards,
Glenn
Received on Monday, 18 February 2013 02:02:53 UTC