On Thu, Apr 16, 2015 at 9:57 AM, Ryan Sleevi <sleevi@google.com> wrote:
>
>
> We think this is still an important issue that needs solving if we're to
> offer a viable migration path from existing plugin-based solutions, and for
> content providers that may not have teams of engineers like Mark mentioned
> that can focus on the organization-specific challenges in getting to a
> secure default.
>
I have trouble understanding this comment. The problems we had, and
solved, in nginx, were entirely generic and in no way
"organization-specific". Anyone using nginx for the most basic web serving
of large objects at any kind of scale would have the same issue. nginx is
widely used and our solution will be available to anyone.
I don't mean to make a point for or against the mixed content approach, but
just that your comment above missed the point.
...Mark
>
> As it stands, the absence of this solution makes several much less secure
> or interoperable options more desirable, both from a technological
> perspective and a user-experience. While I'm happy to hear that Netflix was
> able to solve their challenges much sooner than anticipated, and am
> appreciative that they focused resources to solving the problem, I think as
> we look to provide a compelling story for EME over wholly-proprietary (...
> rather than partially-proprietary) solutions, or look to improve the user
> experience in streaming video with MSE vs the <video> tag, this is still
> very much needed.
>