[Novalug] EFF to Security Researchers: Tell the W3C To Protect Researchers Who Investigate Browsers
John Holland
jholland@vin-dit.org
Wed Mar 30 18:51:21 EDT 2016
> On Mar 30, 2016, at 6:43 PM, Bryan Smith <b.j.smith@ieee.org> wrote:
>
> John Holland wrote:
>> In a way I like the idea of a standard for DRM, but there are some problems-
>> 1. tech is changing so fast, de facto standard(s) like iTunes may supplant official ones
>
> iTunes is the de facto standard?
> I guess I missed out on that one, with all my Amazon purchases.
I meant that historically - showing my age
>
>> 2. whoever (w3c? DARPA? RIAA?) controls the standard may exercise control (censorship) over content
>
> They control HTML5 DRM?
> Are people missing the standard here?
just hypothetically - for instance SSL certs that go back to mainstream vendors cost money, etc
>
>> 3. can it be done in a pretty open way? I think PGP and HTTPS work pretty well, but they don’t handle money.
>
> Ummm ... isn't that what the DRM interface in HTML5 is trying to do
> ... for HTTP (including HTTP-SSL for transfer of private keys)? ;)
>
I don’t actually know anything about the DRM in HTML5, was just speaking hypothetically.
> Provide a PKI and related tracking facility, a standard set of
> interfaces, routines and OS-agnostic facilities, which establishes the
> content-consumer relationship. The former provides the keying, the
> latter gets keys.
>
>> 4. Will it be tied to proprietary OSs or applications?
>
> Isn't the purpose of HTML5 to get away from that, in all interfaces?
>
>> 5. will it interfere with people developing applications that work with it?
>
> Ummm, again, isn't that the purpose of HTML5?
>
>> I have at times been an advocate for everything being wide open
>> but I don’t feel that way these days.
>
> It's an interface with requirements people.
>
> That means it's documented, it is platform-agnostic, and gets away
> from things having any non-HTML5, non-HTTP protocol based
> dependencies.
>
> If it's not in HTML5, it definite _will_ be 1-2 vendors (or their
> self-interested "consortiums") taking proprietary control. That I can
> almost guarantee!
>
>
I think we’re kind of in agreement about this stuff actually……..
>
> --
> Bryan J Smith - http://www.linkedin.com/in/bjsmith
> E-mail: b.j.smith at ieee.org or me at bjsmith.me
More information about the Novalug
mailing list