- From: Duncan Bayne <dhgbayne@fastmail.fm>
- Date: Wed, 16 Oct 2013 16:30:42 -0700
- To: David Singer <singer@apple.com>
- Cc: public-restrictedmedia@w3.org
> > The web is 'the place' for standards-compliant content that is > > accessible with anyone with the wherewithal to implement a > > standards-compliant client. It is not a place for DRM-restricted > > content. > > This is your *opinion*. No, it's the position of the W3C as stated on their website. Perhaps what is necessary is for them to adjust their mission and goals, but currently, that's the way it stands. > I am still waiting for you to get down to details; I gave a list of > pluses and minuses, do you really have nothing to add? If not, this > debate will stay vague and high-level, and probably have no effect at > all. Here's what I wrote originally about this on the W3C blog in reply to Jeff Jaffe ( http://www.w3.org/blog/2013/05/perspectives-on-encrypted-medi/#comment-13470 ): ===== > Duncan, lots of questions, let's see if I can do them all justice. Thanks :) And I appreciate the job of moderation here too - there's a very high signal to noise ratio which I hadn't expected for an issue this contentious. > You ask about how content protection relates to the objective of ensuring > the long-term growth of the Web. Of primary importance to me is that > people can get access to content - and that we don't have a situation of > certain content becoming a walled garden on the web or available only > through apps. So that is why we think it is important to address content protection. DRM is software that is designed to restrict a user from playing content on certain devices, in certain ways, and in certain locations. I think that is the very definition of a walled garden. I genuinely do not understand how you believe that supporting DRM will elminate walled gardens. In the best case we will have moved from an ad-hoc collection of walled gardens, to an ad-hoc collection of walled gardens with the support and moral endorsement of the W3C. If your concern is genuinely to eliminate the need for apps, and the enclosue of content in walled gardens, why not use your considerable influence in opposition of DRM altogether? > Frankly, I don't understand the question about insisting that compliant > implementation respect geographic location. As a general rule, we don't provide > conformance testing and have no way of insisting what people implement. That was my point :). The W3Cs mission states that: "One of W3C's primary goals is to make these benefits available to all people, whatever their hardware, software, network infrastructure, native language, culture, geographical location, or physical or mental ability." Breaking down that list, we see that DRM is inimical to several goals: * hardware: DRM implementations are known for being hardware-locked; Netflix is the most prominent recent example, re. the ARM-based Chromebook * software: existing DRM implementations are tied to specific browsers and operating systems * geographical location: many (most?) DRM implementations implement geographical segregation (a.k.a. region encoding) That is, by lending support to DRM, the W3C is helping to ensure that at least some web content is restricted by hardware, software, and geopgraphical location. This is in direct opposition to several of your stated goals. > I also don't understand your question about trust. We have a great deal of > work in security, for example; much of which is necessary because we cannot > rely on trusting that everyone always does the right thing. Every time that we have > less security it actually causes less trust. Your question seems to imply that by > the ideal system is totally trusting, but truthfully a totally trusting system gets > hacked all the time and reduces trust. It was poorly expressed, my apologies :( To put it a different way: DRM removes control of certain aspects of a device that I own, and places it in the hands of another. It does so in a manner that could not be less trustworthy: most DRM solutions are proprietary, closed-source applications. This means that I can't rely on others to audit it for me (as with FOSS) and I can't audit it myself. Some DRM implementations in the past have been so aggressive in their usurpation of control that they have qualified as malware; the Sony rootkit is a particularly egregious example of this. DRM actively reduces the trustworthiness and security of all machines on which it is installed. It has to by design: its stated purpose is to restrict the capabilities of a general purpose computer. ===== -- Duncan Bayne ph: +61 420817082 | web: http://duncan-bayne.github.com/ | skype: duncan_bayne I usually check my mail every 24 - 48 hours. If there's something urgent going on, please send me an SMS or call me.
Received on Wednesday, 16 October 2013 23:31:10 UTC