Main.OVC2011ContentProtection History
Hide minor edits - Show changes to output
October 03, 2011, at 09:20 AM
by - started page with notes from OVC
Added lines 1-43:
!! Content Protection Challenge
Mark Watson (Netflix)
Monday breakout group
Aim:
Make it technically difficult to copy video (content) that is made available on the Web.
Need:
* To make that work we need to provide encrypted media and secure distribution of keys
* You don't want to standardize the key and encryption algorithm
What API would be good to have in HTML?
* e.g. everyone does the same encryption algo, the key distribution is not standardized
* crypto API would be good
* API to provide keys for crypto algorithms
* just expose platform capabilities in the browser, e.g. OpenMAX
Current browsers do all the video decoding in software
How do you find out what crypto algos a platform supports?
Netflix has an API that they require all their DRM providers to expose to them\\
Mark walks us through it:
* authorize users at service level
* suggestion to introduce a key exchange that hands over the protected messages
* possible video extensions:
* events that appear on video element:
* protectionScheme
* keyRequest
* keyRelease
* keyResponse
* should work with anything, including widevine
* media framework needs to include protection scheme, or the platform needs to provide the functionality (through HW or proprietary installed sw piece)
Problem:
* DRM APIs are not standardized -> do that first
Question:
* Is this a fundamental issue that is not possible to solve in a browser, not desirable to solve in a browser, or just a big challenge to try and solve?
Criticism:
* please consider 'Freedom of Speech' & 'Fair Use' issues for journalists, filmmakers, etc. not able of accessing content (per example for social critical documentaries)
Mark Watson (Netflix)
Monday breakout group
Aim:
Make it technically difficult to copy video (content) that is made available on the Web.
Need:
* To make that work we need to provide encrypted media and secure distribution of keys
* You don't want to standardize the key and encryption algorithm
What API would be good to have in HTML?
* e.g. everyone does the same encryption algo, the key distribution is not standardized
* crypto API would be good
* API to provide keys for crypto algorithms
* just expose platform capabilities in the browser, e.g. OpenMAX
Current browsers do all the video decoding in software
How do you find out what crypto algos a platform supports?
Netflix has an API that they require all their DRM providers to expose to them\\
Mark walks us through it:
* authorize users at service level
* suggestion to introduce a key exchange that hands over the protected messages
* possible video extensions:
* events that appear on video element:
* protectionScheme
* keyRequest
* keyRelease
* keyResponse
* should work with anything, including widevine
* media framework needs to include protection scheme, or the platform needs to provide the functionality (through HW or proprietary installed sw piece)
Problem:
* DRM APIs are not standardized -> do that first
Question:
* Is this a fundamental issue that is not possible to solve in a browser, not desirable to solve in a browser, or just a big challenge to try and solve?
Criticism:
* please consider 'Freedom of Speech' & 'Fair Use' issues for journalists, filmmakers, etc. not able of accessing content (per example for social critical documentaries)