Re: Encrypted Media proposal (was RE: ISSUE-179: av_param - Chairs Solicit Alternate Proposals or Counter-Proposals)

On Fri, Mar 2, 2012 at 11:59 AM, Tab Atkins Jr. <jackalmage@gmail.com>wrote:

> On Fri, Mar 2, 2012 at 10:42 AM, Glenn Adams <glenn@skynav.com> wrote:
> > On Fri, Mar 2, 2012 at 11:19 AM, Tab Atkins Jr. <jackalmage@gmail.com>
> > wrote:
> >> On Fri, Mar 2, 2012 at 10:14 AM, Glenn Adams <glenn@skynav.com> wrote:
> >> > On Fri, Mar 2, 2012 at 4:07 AM, Silvia Pfeiffer
> >> > <silviapfeiffer1@gmail.com>
> >> > wrote:
> >> >> On Fri, Mar 2, 2012 at 8:41 PM, Henri Sivonen <hsivonen@iki.fi>
> wrote:
> >> >> > On Thu, Mar 1, 2012 at 11:57 PM, Mark Watson <watsonm@netflix.com>
> >> >> > wrote:
> >> >> >> The underlying content protection systems are things like
> PlayReady
> >> >> >> (from
> >> >> >> Microsoft), Widevine (from Google) and Marlin. Adobe have
> something,
> >> >> >> but I
> >> >> >> don't know what they call it.
> >> >> >
> >> >> > As a co-proposer, does Microsoft plan to integrate PlayReady into
> IE?
> >> >> > As a co-proposer, does Google plan to integrate Widevine into
> Chrome?
> >> >> > Do the co-proposers plan to make their CDMs available to other
> >> >> > browsers? Do the co-proposers plan to provide APIs that'd allow
> >> >> > adding
> >> >> > other CDMs to their browsers?
> >> >>
> >> >> I'm confused. I thought the whole idea of the proposal was to just
> >> >> provide an API for adding CDMs into browsers such that when you have
> >> >> the library installed on your computer, any browser is able to make
> >> >> use of it, no matter if it's Google's Widevine library or Microsoft's
> >> >> PlayReady - e.g. Firefox would be able to make use of these and any
> >> >> other CDM library. There would be no need to implement something
> >> >> additional into browsers. If this is false, somebody better clarify
> >> >> how else it is supposed to work.
> >> >
> >> >
> >> > Yes, that is indeed the idea. But Henri keeps wanting to drill down
> into
> >> > the
> >> > CDMs themselves, which is really out of scope for the proposal.
> >>
> >> Given that the CDM is a necessary component of the mechanisms
> >> described in the spec, the details of the CDM are extremely relevant.
> >> There's no way to implement the spec without involving a CDM.
> >
> >
> > Of course, at the black box level for the purpose of defining the API
> > behavior of the CDM, it is necessary to define semantics. However, a
> single
> > instance of a no-op CDM (that translates plaintext to plaintext) would be
> > sufficient to verify that behavior and test the API. Any other details of
> > the CDM implementation, including licensing, trade secrets, patent
> > encumbrance, etc., should be out of scope. At least that's my opinion
> and I
> > would guess the opinion of the proposers.
> >
> > I understand, however, that a browser implementer may have interests in
> what
> > goes into a particular CDM if they have to put it in their product, but I
> > would suggest that is out of scope of discussing the utility or
> functional
> > usage of a CDM as accessed through the proposed interface.
>
> No.  Again, a working CDM is *required* for this API to be of any use.
>  If implementing a working CDM is troublesome or impossible for
> various reasons, that makes the API itself useless.
>

A no-op CDM is a working CDM. However, I agree that it is obviously the
case that there is an expectation in producing this proposal that non no-op
CDMs will be implemented and deployed. In that regard, I agree it is a fair
question to query the proposers (and others) on whether they have
intentions to build/deploy real world CDMs, and also that there is an
expectation that (eventual) implementation reports will include information
demonstrating that such real world CDMs have been tested. I presume there
is such intent, but it doesn't hurt to ask. However, I would argue that it
is not necessarily appropriate to ask (in this forum) for more details of
specific CDM implementations, such as licensing terms, etc.