- From: Glenn Adams <glenn@skynav.com>
- Date: Wed, 2 Oct 2013 09:38:28 -0600
- To: Mhyst <mhysterio@gmail.com>
- Cc: "public-html-media@w3.org" <public-html-media@w3.org>
- Message-ID: <CACQ=j+cOST8vwffz_YM_6Yv7QvOrNkjuTQqv-TGxp7M52ezhFQ@mail.gmail.com>
On Wed, Oct 2, 2013 at 9:21 AM, Mhyst <mhysterio@gmail.com> wrote: > Hello, > > The main problem with EME is that CDM have little or no restrictions at > all. That is too much power for the CDM developers and many people won't > trust them. We've talked about the security and privacy risks it may > convey. I think this is an obstacle in the path to advance EME. > The implementation of the CDM is part of the User Agent (Browser) implementation. The W3C generally does not specify how Browsers are implemented, and, as far as EME is concerned, the CDM implementation is not relevant to EME API semantics. It may be that in the future some Browser vendors will create a specification for a CDM API and its externally visible behavior. It is even possible that such work could be brought to the W3C. I would suggest you contact Browser vendors to pursue this matter further. > > I propose a radical modification to EME including the controlled execution > of the CDM. Sandboxing the execution of the CDM code, like SecurityManager > class does for Java, will restrict the CDM to just decryption. The code can > still be secret but not many people would complain. > > Sorry for my bad english. I'm sure someone can give much better > explanation than I'm able to do. I hope we can work in a real solution > without giving out users privacy and security. > > Cheers >
Received on Wednesday, 2 October 2013 15:39:20 UTC