- From: Charles Pritchard <chuck@jumis.com>
- Date: Fri, 02 Mar 2012 19:47:41 -0800
- To: Boris Zbarsky <bzbarsky@MIT.EDU>
- CC: Mark Watson <watsonm@netflix.com>, "<public-html@w3.org>" <public-html@w3.org>
On 3/2/2012 7:31 PM, Boris Zbarsky wrote: > On 3/2/12 6:23 PM, Mark Watson wrote: >>> Yes, but my question is why the customer should need to worry about >>> a Netflix badge instead of just being able to buy a TV and watch >>> Netflix on it... >> >> That's exactly where we would like to get to. Exactly why we made our >> proposal. > > I think the problem I'm having is it seems like your proposal or > something like it is a possible step to get there but not at all > sufficient on its own. And whether it's actually sufficient will > depend on the exact policies surrounding CDM deployment... > > So we can easily end up with a situation which is no better than now, > except now enshrined in a standard. > > I realize you don't really have a way to alleviate my concern here. :( > May be helpful, because it has a graph. http://www.anandtech.com/show/4480/ti-omap4-first-to-be-awarded-netflix-hd-1080p-hd-sri-certification My concern on this spec will continue to be whether it can be proven useful for high security media transfer. My hypothetical system: someone has plugged an external device into an untrusted computer, it receives the video stream, and the low security key through that untrusted computer, it has a separate key system, which is combined with the low security key and the video stream, and magically, my Get Smart video-shoe shows me the classified feed. After which, it explodes. Anyway, I'm not a security expert, but I believe that use case will work out with the scheme being proposed. Which is why I'm ok with it. Otherwise, the link above provides the other area, where applications are theoretically blocked from snooping on the feed, and so I'm free from threat of malware catching my stream. -Charles
Received on Saturday, 3 March 2012 03:47:56 UTC