- From: Mhyst <mhysterio@gmail.com>
- Date: Wed, 2 Oct 2013 20:41:04 +0200
- To: Mark Watson <watsonm@netflix.com>
- Cc: Glenn Adams <glenn@skynav.com>, "public-html-media@w3.org" <public-html-media@w3.org>
- Message-ID: <CAF9YMwXM0MjGDg30B+bJ=nqu04_LcZLoLYKnsZWAzneL5FwBtg@mail.gmail.com>
Operating systems with DRM capabilities means handcuffs to me. This must be not permitted. Also hardware with DRM isn't acceptable. I prefer a world without movies than a world without freedom. 2013/10/2 Mark Watson <watsonm@netflix.com> > I'm sure browser implementors are considering whether what you propose is > technically feasible, that is, whether the CDM needs to perform any > functions that would be incompatible with sandboxing. Sandboxing certainly > brings privacy and security advantages. In some cases it may be feasible > and in others not. It may depend on the nature of the sandboxing > capabilities that are available on each Operating System. However, in some > cases, for example where the CDM makes use of DRM capabilities built into > the Operating System, it might not be feasible. > > The thing about a W3C specification, though, is that is can only specify > an API surface. And what really defines compliance to a specification is > the test suite. How would you write a test for whether the CDM is sandboxed > ? > > ...Mark > > > On Wed, Oct 2, 2013 at 8:43 AM, Mhyst <mhysterio@gmail.com> wrote: > >> Well, at a great extent, browser vendors are gathered here. Don't pretend >> this to be a separated matter. >> >> The question is: do you pursue content protection or user control? If the >> answer is "content protection" then let's create a "content protection" >> standard. So I think this is the right place to discuss about this. >> >> >> 2013/10/2 Glenn Adams <glenn@skynav.com> >> >>> >>> On Wed, Oct 2, 2013 at 9:21 AM, Mhyst <mhysterio@gmail.com> wrote: >>> >>>> Hello, >>>> >>>> The main problem with EME is that CDM have little or no restrictions at >>>> all. That is too much power for the CDM developers and many people won't >>>> trust them. We've talked about the security and privacy risks it may >>>> convey. I think this is an obstacle in the path to advance EME. >>>> >>> >>> The implementation of the CDM is part of the User Agent (Browser) >>> implementation. The W3C generally does not specify how Browsers are >>> implemented, and, as far as EME is concerned, the CDM implementation is not >>> relevant to EME API semantics. >>> >>> It may be that in the future some Browser vendors will create a >>> specification for a CDM API and its externally visible behavior. It is even >>> possible that such work could be brought to the W3C. I would suggest you >>> contact Browser vendors to pursue this matter further. >>> >>> >>>> >>>> I propose a radical modification to EME including the controlled >>>> execution of the CDM. Sandboxing the execution of the CDM code, like >>>> SecurityManager class does for Java, will restrict the CDM to just >>>> decryption. The code can still be secret but not many people would complain. >>>> >>>> Sorry for my bad english. I'm sure someone can give much better >>>> explanation than I'm able to do. I hope we can work in a real solution >>>> without giving out users privacy and security. >>>> >>>> Cheers >>>> >>> >>> >> >
Received on Wednesday, 2 October 2013 18:41:32 UTC