- From: Christian Kaiser <kaiserc@google.com>
- Date: Tue, 6 Mar 2012 08:34:06 -0800
- To: Kornel Lesiński <kornel@geekhood.net>
- Cc: "public-html@w3.org" <public-html@w3.org>
- Message-ID: <CACinLHVy5mmhT+bqEWbyg+igL4uJruH5BSaMTRkG18W_zvLtBw@mail.gmail.com>
On Tue, Mar 6, 2012 at 02:01, Kornel LesiĆski <kornel@geekhood.net> wrote: > On Tue, 06 Mar 2012 06:11:01 -0000, Christian Kaiser <kaiserc@google.com> > wrote: > > For the record, YouTube is interested in ClearKey. It's obviously subject >> to negotiations and business decisions that are yet to happen, but >> ClearKey may provide enough robustness for *some* use cases. >> YouTube is also interested in other "shades of gray" between ClearKey and >> commercial CDMs in terms of maximum robustness, so that more use cases >> can be covered. It would be interesting to explore how robust an open >> source, >> royalty-free CDM can be. >> >> It seems like a good idea to create a "playground" that enables these >> kinds of explorations. The proposal at hand does that. I hope we'll see it >> in >> action one day. >> > > That is good news! > > In terms of clearkey, is http+aes scheme a satisfactory solution? > As far as I can tell, ClearKey and http+aes are equivalent in maximum robustness. The framework that ClearKey is intended to be plugged into is highly desirable, though, because it enables other CDMs, too. Therefore, ClearKey seems the better solution. > By the "shades of gray" solutions, do you mean other uses of ClearKey > (such as combining it with JS-based key obfuscation) or non-clearkey CDMs? ClearKey is relatively low on the scale of maximum robustness since the key is exposed to JS. Therefore, the actual robustness of its implementations will likely not be high enough for many use cases. However, it is royalty-free AFAIK (disclaimer: IANAL) and can definitely be implemented in open source. Commercial CDMs use a number of techniques to achieve higher maximum robustness, e.g. not exposing the key to outside the CDM, being renewable etc. As far as I know, existing commercial CDMs are not implemented in open source and are not royalty-free. It would be interesting to see whether it is possible to create a CDM that can still be implemented in open source and is royalty-free, but *more* robust than ClearKey, and therefore applicable in more use cases. The proposal at hand creates an environment in which this type of innovation is possible. I would therefore like to see it in action. Christian
Received on Tuesday, 6 March 2012 16:34:38 UTC