Re: A proposal on EME

You're telling me that... about what matters with this standard there isn't
a way to control, restrict or limitate the future implementations. So we
better throw away the EME standard. The view you give about it gives out
the control of our computers without limits to content distributors. And
they discard any responibility by arguing the editors are the ones who
require DRM and the editors say it's for the authors. In reality authors
get from 7 to 10 percent of the benefits. That is next to nothing.

Copyright is a set of privilleges the governments give to favor the
creation so the people get books, movies, music, etc. It's a contract to
make people lives better. But you, for such contract to continue, want to
rip off freedom from the people it is supposed to serve. It's much better
to finish the agreement and preserve the freedom.


2013/10/2 Glenn Adams <glenn@skynav.com>

>
> On Wed, Oct 2, 2013 at 9:43 AM, Mhyst <mhysterio@gmail.com> wrote:
>
>> Well, at a great extent, browser vendors are gathered here. Don't pretend
>> this to be a separated matter.
>>
>
> I'm not pretending. The Media TF's position (and perhaps the WG as a whole
> - though I'm not sure this question has been explicitly put to the WG) is
> that it is a separate matter. You are effectively asking to change this
> position. To do this, I am suggesting that you contact Browser vendors who
> are implementing EME. If you can't persuade them to change this position,
> then it is unlikely you will be able to convince the TF (or WG) to change.
>
>
>>
>> The question is: do you pursue content protection or user control? If the
>> answer is "content protection" then let's create a "content protection"
>> standard. So I think this is the right place to discuss about this.
>>
>
> The semantics of EME does not go into such details, which more properly
> fall under the semantics of specific CDMs. From the perspective of EME,
> such details are effectively out of scope.
>
> EME is not a content protection specification.
>
>
>>
>>
>>
>> 2013/10/2 Glenn Adams <glenn@skynav.com>
>>
>>>
>>> On Wed, Oct 2, 2013 at 9:21 AM, Mhyst <mhysterio@gmail.com> wrote:
>>>
>>>> Hello,
>>>>
>>>> The main problem with EME is that CDM have little or no restrictions at
>>>> all. That is too much power for the CDM developers and many people won't
>>>> trust them. We've talked about the security and privacy risks it may
>>>> convey. I think this is an obstacle in the path to advance EME.
>>>>
>>>
>>> The implementation of the CDM is part of the User Agent (Browser)
>>> implementation. The W3C generally does not specify how Browsers are
>>> implemented, and, as far as EME is concerned, the CDM implementation is not
>>> relevant to EME API semantics.
>>>
>>> It may be that in the future some Browser vendors will create a
>>> specification for a CDM API and its externally visible behavior. It is even
>>> possible that such work could be brought to the W3C. I would suggest you
>>> contact Browser vendors to pursue this matter further.
>>>
>>>
>>>>
>>>> I propose a radical modification to EME including the controlled
>>>> execution of the CDM. Sandboxing the execution of the CDM code, like
>>>> SecurityManager class does for Java, will restrict the CDM to just
>>>> decryption. The code can still be secret but not many people would complain.
>>>>
>>>> Sorry for my bad english. I'm sure someone can give much better
>>>> explanation than I'm able to do. I hope we can work in a real solution
>>>> without giving out users privacy and security.
>>>>
>>>> Cheers
>>>>
>>>
>>>
>>
>

Received on Wednesday, 2 October 2013 18:36:20 UTC