W3C home > Mailing lists > Public > public-html@w3.org > March 2012

Re: Encrypted Media proposal (was RE: ISSUE-179: av_param - Chairs Solicit Alternate Proposals or Counter-Proposals)

From: Mark Watson <watsonm@netflix.com>
Date: Fri, 2 Mar 2012 20:11:19 +0000
To: Maciej Stachowiak <mjs@apple.com>
CC: Henri Sivonen <hsivonen@iki.fi>, Silvia Pfeiffer <silviapfeiffer1@gmail.com>, "<public-html@w3.org>" <public-html@w3.org>
Message-ID: <5DFEA2F1-1EFC-4717-B9CB-E0F91BAECC0F@netflix.com>

On Mar 2, 2012, at 11:43 AM, Maciej Stachowiak wrote:

> On Mar 2, 2012, at 4:23 AM, Henri Sivonen wrote:
>> Aside:
>> PlayReady, Marlin and Widevine (and, from making inferences from the
>> UI, Adobe's Flash DRM, too) support use cases that aren't essential
>> for Web video. Web video could go a long way with streaming-only DRM.
>> For streaming, it's enough for the DRM to work during streaming. That
>> is, secrets in the CDM can be ephemeral. PlayReady, Marlin and
>> Widevine are designed to support use cases where the end user holds
>> onto encrypted media files for extended periods of time. This means
>> that secrets in the CDM need to stay secret for extended periods of
>> time and there's a lot of red tape about protecting those secrets for
>> extended periods of time, since it's a big deal if the secrets leak.
>> For the streaming use case, if the CDM secrets are compromised, the
>> CDM could be updated soon with new and differently obfuscated secrets,
>> since it's OK to invalidate keys related to past streams. Thus, the
>> red tape around protecting CDM secrets doesn't need to be as severe as
>> with PlayReady, Marlin or Widevine.
>> Even if we accepted the idea of CDMs that contain secrets, it seems
>> like a bad idea to tie browsers to CDMs whose secret management
>> regimes' level of red tape is geared towards use cases that aren't
>> essential for streaming video on the Web.
> I don't know about individual CDMs, but I believe the proposal is geared significantly towards support of DRM'd streams, thus the support for key rotation through an out-of-band channel. For DRM of downloaded, non-streamed resources, I don't believe this would be necessary, at least given the way many popular DRM schemes work.

The streamed case is certainly the one that Netflix cares most about (obviously).

Subscription and rental models for online streaming are well-understood by customers. The use of content protection in these contexts does not cause the kind of customer frustrations (that have been described on this list) that can happen in a download-with-license context. Subscription and rental services obviously only work as long as the provider is still in business. That you can use the service on any device that supports it and not on others is also obvious (even tautological).

However, these are product differences, not a question of good and bad technology. We don't use committees to decide which products are good and which are bad.


> Regards,
> Maciej
Received on Friday, 2 March 2012 20:11:49 UTC

This archive was generated by hypermail 2.3.1 : Thursday, 29 October 2015 10:16:21 UTC