Re: Open Source implementations Re: Encrypted Media proposal (was RE: ISSUE-179: av_param - Chairs Solicit Alternate Proposals or Counter-Proposals)

On Tue, Feb 28, 2012 at 3:55 AM, Mark Watson <watsonm@netflix.com> wrote:
>
> On Feb 26, 2012, at 11:01 PM, Henri Sivonen wrote:
>
> (If you are OK with revealing the unscrambled content
> to the user and only want to hide it from third parties, you just use
> https.)
>
> On this point, specifically, the user, content provider or both may also
> wish to hide the content from third parties whilst it is stored on network
> servers as well as during transport. http services from CDNs are cheaper
> than https services and https brings with it a number of operational
> complexities.

I see. If the CDN is treated as an adversary but the user isn't,
there's no need for open-ended vendor-specific CDMs, to address this
case. Instead, it would make more sense to standardize one
general-purpose HTTP payload decryption layer (using a flavor of AES
that encrypts every run of n bytes independently so that seeking can
work without having to read the stream from the beginning) like Hixie
said in the other thread.

A single mechanism that doesn't have secret parts of implementation is
superior to pluggable CDMs, because a single non-secret standard
mechanism avoids vendor lock-in.

-- 
Henri Sivonen
hsivonen@iki.fi
http://hsivonen.iki.fi/

Received on Wednesday, 29 February 2012 07:34:54 UTC