- From: Mark Watson <watsonm@netflix.com>
- Date: Mon, 10 Jun 2013 12:19:08 -0700
- To: public-restrictedmedia@w3.org
- Message-ID: <CAEnTvdCXw21Y2DsqP9WLSovmFa+=B-nEwmwo-meU2oQgQ0QkAw@mail.gmail.com>
On Mon, Jun 10, 2013 at 11:23 AM, Mats Palmgren <matspal@gmail.com> wrote: > On 06/10/2013 06:04 PM, Mark Watson wrote: > >> ... yes, I will need all users to trust me >> >> or, more precisely, today, the plugin provider I choose or, with EME, >> their User Agent provider. The shift from "plugin provider of my choice" >> to "User Agent of the users choice" is a big shift enabled by EME. >> > > No, it's NOT the "User Agent of the users choice" that you are asking the > user to trust - it's the *CDM* you are asking the user to trust. > A CDM that is a binary blob controlled by Hollywood. > The intent of EME is not to create an arbitrary plugin API for "binary blobs controlled by Hollywood". It is for User Agents to integrate with specific CDMs of their choice, the properties and functionality of which they know such that they can vouch for their functionality to their users. Or, if the CDM vendors refuse to provide such information to UA implementors the UA can highlight this lack of knowledge to the user or refuse to integrate with the CDM. I would expect UAs to pay special attention to the APIs that CDMs have access to: whether they have "side-channel" network access, disk access etc. To Nikos point, yes, you are right, it is not the same kind of trust in the UA that comes from studying the source code, but that does not meet it is devoid of value to have the UA implementor - who has different incentives from the CDM vendor or content provider - in the loop. It is entirely possible that the UA implementor has seen the CDM source code and makes their representations to their users on that basis. ...Mark
Received on Monday, 10 June 2013 19:19:36 UTC