- From: Andreas Kuckartz <a.kuckartz@ping.de>
- Date: 14 Oct 2013 11:55:24 +0200
- To: "Mark Watson" <watsonm@netflix.com>
- Cc: "public-restrictedmedia@w3.org" <public-restrictedmedia@w3.org>, "Milan Zamazal" <pdm@zamazal.org>
Mark Watson:
> For the first group EME does not represent any change with respect to
> this issue - except that the scope of the opaque component will be
> dramatically reduced.

In practice Google has already demonstrated with Chromebook that the opaque component with EME has been extended to the whole operating system.

> consider what such a solution would need to look like: we would need a
> non-user-modifiable component that was completely user-verifiable.
> That is, which a user could look into in such a way that they can
> obtain complete confidence about what it does - at least functionally,
> up to some numerical values that may not be easily observable.
>
> Creating such a thing is challenging, but I don't know anyone who
> would not welcome it if such a thing was created. Perhaps you could
> get part of the way with multiple trusted third parties who were
> provided with the information needed to verify the opaque components
> and who would then publish their findings with a hash of the opaque
> blob? But this would not be good enough for everyone.

For those who are interested in debates within the open source communities: There are discussions and activities regarding Reproducible (Deterministic) Builds. Their aim is to protect against similar attack models.

See:
https://wiki.debian.org/ReproducibleBuilds
(especially the links in the References section)

Cheers,
Andreas
Received on Monday, 14 October 2013 09:56:05 UTC
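
The idea discussed in this message (several independent parties each publishing a hash of the blob they examined, which is also how independent rebuilders compare results under reproducible builds) can be checked on the receiving side as below. This is an added example, not part of the original message or of any project's code; the verifier names, the `check_blob` function, the quorum policy and the sample bytes are all assumptions constructed for illustration.

```python
import hashlib


def sha256_hex(blob: bytes) -> str:
    return hashlib.sha256(blob).hexdigest()


def check_blob(blob: bytes, attestations: list[tuple[str, str]], quorum: int) -> dict:
    """Compare the received blob with digests published for the same release.

    attestations: (verifier, hex digest) pairs, one per published statement.
    Policy assumed here: each verifier counts once, a verifier that published
    two different digests is discarded, and any verifier attesting a different
    digest blocks acceptance, since it means not everyone saw the same bytes.
    """
    local = sha256_hex(blob)
    per_verifier: dict[str, set[str]] = {}
    for verifier, digest in attestations:
        per_verifier.setdefault(verifier, set()).add(digest.strip().lower())
    conflicting = sorted(v for v, d in per_verifier.items() if len(d) > 1)
    votes = {v: next(iter(d)) for v, d in per_verifier.items() if len(d) == 1}
    matching = sorted(v for v, d in votes.items() if d == local)
    dissenting = sorted(v for v, d in votes.items() if d != local)
    return {
        "digest": local,
        "matching": matching,
        "dissenting": dissenting,
        "conflicting": conflicting,
        "accepted": len(matching) >= quorum and not dissenting,
    }


# Constructed sample data: the bytes the verifiers examined, and a copy that
# differs by one byte, standing in for a blob swapped during distribution.
REVIEWED = b"constructed sample: bytes of the reviewed blob"
TAMPERED = REVIEWED + b"\x00"
ATTESTATIONS = [
    ("verifier-a", sha256_hex(REVIEWED)),
    ("verifier-b", sha256_hex(REVIEWED).upper()),  # same digest, different case
    ("verifier-b", sha256_hex(REVIEWED)),          # republished, counts once
    ("verifier-c", sha256_hex(REVIEWED)),
]

if __name__ == "__main__":
    for name, blob in (("reviewed", REVIEWED), ("tampered", TAMPERED)):
        result = check_blob(blob, ATTESTATIONS, quorum=3)
        print(name, result["accepted"], result["matching"], result["dissenting"])
```

The check only establishes that the received bytes are the ones the verifiers looked at; how far their findings can be trusted is the separate question the quoted text raises.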