[foms] Proceedings to FOMS

Silvia Pfeiffer silviapfeiffer1 at gmail.com
Sun Oct 10 05:30:31 PDT 2010


On Sun, Oct 10, 2010 at 10:28 PM, Jeroen Wijering
<jeroen at longtailvideo.com>wrote:

> Hey everyone,
>
> I have a question on the "DRM" community goal:
>
> *) Show a demo of how to use DRM with WebM
>
> I think supporting "real" DRM is not required per se. It might be more
> about offering publishers different ways to protect video content. In the
> end there's a tradeoff between decent content protection ánd a decent way
> for users to legidly access the content (cross-platform, fair prices, etc).
>
> That said, there seem to be three general mechanisms for content
> protection:
>
> *) URL signing (all CDNs / Flumotion): The URL to a video is signed with an
> MD5/SHA1 digest that includes geo, ip, time, referrer or user-agent
> restrictions. Protects good against leeching but not really against
> downloading. Implementation is easy (small module / script) and solely
> serverside.
> *) Data encryption ( Apple HLS / RTMPE): Blocks of video data are encrypted
> on the server and decrypted inside the client. Protects good against both
> leeching and downloading. Both serverside and Client-side work is needed
> though. This can be both in-browser (e.g. by adopting Apple's AES-128
> encryption), but it can also be done in javascript: get video data using
> websockets » decrypt data » use something like videoTag.append(videoData).
> *) Rights management (PlayReady, FlashAccess): Individual client access to
> individual files is centrally managed. Protects good against both leeching
> and downloading; access can even be revoked. Client-side work is needed,
> probably inside the UA since the JS layer can be easily compromised.
> Serverside work is needed too, since there's no "open DRM" server available
> (contradictio in terminis?).
>
> Is this a decent overview; are there content protection schemes missing?
> What is already possible with currently available tools; and what would be
> interesting to implement?
>


Hi Jeroen,

I'm not even sure it's a goal of this community to show how to use DRM-like
mechanisms - I just had it in my notes from the discussions and there was
talk of it, probably motivated by your company's experiences actually. So, I
didn't want to lose sight of it.

I think what you have listed is a good summary and I wouldn't mind having
that published somewhere - if you don't mind it can go into the FOMS wiki.
My impression was that there was a focus on the second mechanism and there
on a JavaScript implementation. I would be most keen to see implementations
of all three, actually!

Cheers,
Silvia.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.annodex.net/cgi-bin/mailman/private/foms/attachments/20101010/474dfc95/attachment.htm 


More information about the foms mailing list