Requirements for DRM in HTML5 are a secret


The work at the World Wide Web Consortium (W3C) on adding DRM to HTML5 is one of the most disturbing developments in the recent history of technology. The W3C's mailing lists have been full of controversy about this ever since the decision was announced.

Most recently, a thread in the restricted media list asked about the requirements for DRM from the studios — who have pushed for DRM, largely through their partner Netflix — and discoverd that these requirements are secret.

It's hard to overstate how weird this is.

Standardization is the process by which all the parties in a technical subject agree on how things should be done. It starts with a gathering of requirements — literally, "What is the standard required to do?" Without these requirements, it's hard to see how standardization can take place. If you don't know what you're standardizing for, how can you standardize at all?

DRM, by its nature, has secret requirements. That's why attempts to standardize it always end up with unworkable garbage, like the DVB's CPCM. DRM relies on me installing software on your computer that stops you from running other software. For example, you install a browser that plays video in such a way that another program on your computer can't grab the video as the browser shows it on the screen.

This is silly. It's your computer. Whatever steps the browser takes to obscure how it is playing the video back can be unpicked by you, at your leisure, so you can make a tool that gets around it.

Standards are, by their nature, public: they say, "This is what you are expected to do." But if you make DRM's workings public ("here's how we hide the keys from you"), you provide a roadmap for defeating it. Standardized DRM is an oxymoron, like a secret law.

The ensuing Hacker News thread is well worth a read on this.


Re: Watermarking [Re: Campaign for position of chair and mandate to close this community group]

(Image: Shh–Daily Image 2011–April 2, a Creative Commons Attribution (2.0) image from tinfoilraccoon's photostream)