- From: Adrian Hope-Bailie via WBS Mailer <sysbot+wbs@w3.org>
- Date: Mon, 03 Apr 2017 21:09:01 +0000
- To: public-new-work@w3.org
The following answers have been successfully submitted to 'Call for Review: Encrypted Media Extensions is W3C Proposed Recommendation' (Advisory Committee) for Ripple by Adrian Hope-Bailie. Regarding the "Encrypted Media Extensions" specification, the reviewer suggests changes, and only supports publication as a Recommendation if the changes are adopted [Formal Objection]. Additional comments about the specification: Ripple maintains it's position that nothing published as a W3C recommendation should introduce features to the Web platform that cannot be implemented fully, without requirements to engage in licensing agreements for proprietary software; or that place engineers, or security researchers at risk of prosecution when designing interoperable implementations. While we acknowledge the lengths that this WG has gone to, to isolate the CDM from the user agent, we don't believe the current state of testing or implementation experience demonstrates that a complete encrypted media system (including a CDM that is useful beyond theoretical demonstrations) can be delivered royalty-free. (We also note that a significant number of the Clear Key features are not implemented: https://w3c.github.io/test-results/encrypted-media/less-than-2.html) It is not clear that existing implementations of the specification go to sufficient lengths to warn users and developers of the risks they are under when they use this API and as a result install or use a proprietary CDM. To support the API in its current form the user agent must instead fulfill the role of agent of the publisher which we consider a major flaw. We request: 1. The WG to investigate a solution whereby the relationship that must be established for encrypted media to be delivered to a user agent is between the user and the publisher. Therefor there should be no requirement for the user agent to ship with anything but royalty-free (preferably open source) CDM implementations. The process for delivering protected content to a user via the user agent should involve delivery of keys (not software) to the user, following their acknowledgement of the risks they are undertaking by accepting this encrypted content. 2. the WG to present a clear path for implementors to implement this API, without the need for proprietary software components, that has widely demonstrated support from the media publishing industry. The reviewer's organization: - expects to use products conforming to this specification. Comments about products related to these specifications: The Interledger Community Group (of which Ripple is a member and contributor) is currently researching payment for digital content through micro-payments. One mechanism of doing this may be delivery of encrypted content that is decrypted by the CDM upon proof of payment. Answers to this questionnaire can be set and changed at https://www.w3.org/2002/09/wbs/33280/eme-pr-2017/ until 2017-04-13. Regards, The Automatic WBS Mailer
Received on Monday, 3 April 2017 21:09:07 UTC