The Ars Technica article makes it pretty clear the purpose behind EME is to keep any and all DRM out of the browser codebase and simply provide an interface to whatever mechanism the protected media requires. That way the chances of the browser (or anyone researching vulnerabilities in it) being involved in any kind of legal or technical DRM issue is slim to none. EME doesn’t handle rights management, decryption, decoding, anything that actually makes it DRM. All it does is handle key/license exchange and passes the encrypted media to the plugin. You might as well say HTTPS and SSL is DRM if you’re going to say EME is DRM.
The headline is inaccurate on both of the points it makes:
- EME is not a DRM standard. It’s an API standard for interfacing with multiple proprietary DRM systems.
- Any research into a DRM system that could potentially run afoul of the DMCA and lead to a lawsuit wouldn’t involve EME or the browser.
Every time Cory posts something about the W3C, it’s the same EFF echo chamber. Literally the exact same pages from the EFF, all linking to each other with no outside sources, every single time… and the non-EFF article offered at the end as new information always seems to contradict the EFF’s analysis!
