- From: H <holyfsm0@gmail.com>
- Date: Wed, 10 Dec 2014 15:38:54 -0700
- To: "public-restrictedmedia@w3.org" <public-restrictedmedia@w3.org>
On Tue, Dec 9, 2014 at 9:09 AM, Mark Watson <watsonm@netflix.com> wrote: > Holyfsm, > > An improbable honour indeed... > > I don't think anyone has suggested that it will be easier for a browser to > integrate with a CDM through EME than to support NPAPI plugins. Mozilla and > others have pointed this out as a disadvantage that EME has over NPAPI. > However, I don't think anyone has used this as an argument against the move > to deprecate NPAPI. EME is presently the only path we have to deprecation of > NPAPI without losing support for applications that require DRM. > > A key difference between the EME model and NPAPI is that browsers are > expected to explicitly integrate with particular CDMs, rather that provide > support for arbitrary downloaded code. This is what enables UAs to offer > improved privacy and security guarantees compared to the NPAPI model, but it > does come with some work for the User Agent implementors. Hmm, ok. I didn't mean to argue against deprecation of NPAPI. When I said compared to flash I was thinking more of the way Chrome and Chromium do it, using PPAPI (which I believe is their successor to NPAPI), which does include sandboxing among other things. And they use the same interface both for flash and for the Widevine CDM, so it just seemed odd that while Chromium can use the flash PPAPI plugin just fine it can't (perhaps isn't allowed to based on some observations) use the Widevine CDM PPAPI plugin. But I think your next point sheds some light on that. > > As they did with NPAPI, it would be possible for the browser implementors to > come together and agree on a common API for CDMs, which would simplify the > integration somewhat. The work Mozilla is doing with mutual validation > between CDM and open-source sandbox is certainly interesting. Ok, I guess "mutual validation" may be the explanation here. So, from what I've read about Mozilla's work on this, CDMs have specific requirements about the host application that loads them and will refuse to be loaded by an executable that cannot be verified to meet these requirements. Is that correct? It would explain why Chrome is allowed to load the Widevine .so and Chromium isn't. And yes, what Mozilla is doing is indeed interesting. So, it would seem that any open source project wishing to integrate with a Mozilla supported CDM could potentially use their sandbox and interface with it using the IPC interface designed by Mozilla. That would be good news for interoperability, assuming that the CDM's license allows such use. And finally, one question about Netflix, if possible. Is the CDM that Mozilla is working on integrating with approved for streaming Netflix content (including HD content)? Or more in general, is the kind of sandbox they are implementing acceptable for a CDM licensed to handle Netflix content? > > ...Mark > > > > > > On Mon, Dec 8, 2014 at 12:08 PM, H <holyfsm0@gmail.com> wrote: >> >> Assuming that a particular browser does implement the EME >> specification, is it expected that real-world CDMs will work with it? >> >> It has been suggested that this spec will improve the situation of >> open source browsers by allowing them to integrate with the small >> proprietary DRM modules easier than it currently does (with e.g. >> flash, silverlight, etc.). This sounds great in theory, but looking at >> what is actually happening, I'm wondering, was that the actual plan? >> >> Right now on Linux we have two browsers that support EME (that I'm >> aware of; please correct me if there are more). One of them is the >> open source Chromium browser and the other is the proprietary / >> closed-source Chrome browser, which is based on Chromium and adds a >> few extra bits. One of these extra bits is a CDM that is actually >> useful for something, that being Widevine for playing Netflix content. >> >> Interestingly (or perhaps as expected?) the open source version >> (Chromium), while fully supporting the EME spec and otherwise being >> able to run the same plugins that Chrome can (including proprietary >> plugins like Flash), cannot run the Widevine CDM. At first, it may >> seem that there may be some technical incompatibility that would be >> resolved in the near future, but upon further inspection, it appears >> that the CDM is actively refusing to load on the open source version >> of the browser. And, to my knowledge, all other browsers on other >> platforms supporting Netflix-compatible CDMs are also completely >> proprietary. >> >> Is that a temporary state, or is it what we have to look forward to? >> And if this is the future, was it the plan all along to only allow >> actually useful CDMs to run only on fully-closed browsers and not on >> open-source browsers that implement the EME interface (and are thus >> willing to interface with closed CDMs)? >> >>
Received on Wednesday, 10 December 2014 22:39:21 UTC