I have not been involved in W3C recently but this is not a W3C standards effort:
The Restricted Media CG will discuss and analyze methods of restricting access to or use of Web media, and their implementation on the open Web.
This group will not publish specifications.
The conversation is really not very unusual. The Netflix guy was asked what the requirements were that would need to be met and he answered that he can’t say because it is confidential. That is perfectly normal. The information is not being shared in an inner circle. It is information that they might want that is not available.
What would be an abuse is if the WG made a decision based on confidential information.
As I pointed out in another forum recently, telling people that something is technically impossible is terrible strategy. It invites people to think up ways to do the thing that you are trying to tell people not to do.
What I can’t figure out is why this would be a feature of HTML5 at all. It is the wrong place in the stack. It is logically an HTTP mechanism because it is essentially an access control restriction plus an undertaking not to perform redistribution.
Even with a TPM chip to lock the crypto keys to the platform, the undertaking not to redistribute cannot be cryptographically enforced unless the whole display engine is inside the trustworthy, attested partition, and that is simply not viable on a general purpose platform. The only way that is possible at the moment is on a platform like an iPad or iPhone where the whole device is locked.
This comes under the heading of ‘legalizing the whorehouse’. It is often better to have people do things in the open where the efforts can at least be observed to avoid unintended collateral damage than to force the effort underground where it becomes a public health hazard.
If people hadn’t taken a scorched earth policy to the TPM chips we could be putting them to good use preventing real world attacks on Internet security. They would certainly help us close down a lot of the NSA attacks. But they would not do very much for the requirement unique to Copyright restriction enforcement (CRE) which is to enforce restrictions on an authorized user.
Copyright restriction enforcement is actually an even stronger requirement than is necessary for Content Rights Management (CRM) schemes to provide data level security in an enterprise. To be effective for CRE a system has to resist attack by someone with physical access to the device and tools such as $1 million electron microscopes. And the content is distributed to millions of devices and it is crack once, crack anywhere. I don’t care about that level of attacker for CRM, or rather don’t care very much. Machines can be examined physically.
I’ll try to get round to a podcast explaining this stuff after I have finished the series on how to secure email end to end.
When these arguments were last raised only a few of us had an understanding of the scale of the NSA/PLA/GRU/IRG apparatus and the threats they pose. Now thanks to Snowden there is better understanding of the NSA threat at least (but most are ignorant of the threat from China, Russia, Iran, etc. etc.). Defeating the MPAA is not the only concern that should shape discussion of Internet security.