(In reply to comment #0)
> The abstract of the spec says "No "DRM" is added to the HTML5 specification,
> and only simple clear key decryption is required as a common baseline."
> 
> This should better describe how the underlying implementation of a DRM/content
> protection system is not included in this spec, not required to implement the
> spec, and that the spec mediates access to such a system allowing the page to
> communicate with a license service as necessary.

I propose the following text to replace the statement above:

"This specification does not define a content protection or Digital Rights Management system. Rather, it defines a common API that may be used to discover, select and interact with such systems as well as with simpler content encryption systems. Implementation of Digital Rights Management is not required for compliance with this specification: only the simple clear key system is required to be implemented as a common baseline.

The common API supports a simple set of content encryption capabilities, leaving application functions such as authentication and authorization to page authors. This is achieved by requiring content protection system-specific messaging to be mediated by the page, rather than assuming out-of-band communication between the Content Decryption Module and a license or other server."

I like it.

nit: We might want to avoid specific terms like "Content Decryption Module" in the abstract. Maybe replace it with "encryption system".

While we're editing the Abstract, we should try to address bug 16543 too. That is, we should have one cohesive update that introduces the document.

Assigned to Adrian to add text. Will also ensure that bug 16543 is addressed by this change.

*** Bug 16543 has been marked as a duplicate of this bug. ***

Fixed. Change set -> http://dvcs.w3.org/hg/html-media/rev/1ca7610af922