2017年10月25日
By 1月时特约编辑
专题文章

状态更新:加密媒体扩展和DRM的未来

7月6日, 2017, 蒂姆•伯纳斯-李, 万维网联盟(W3C)主席, 将加密媒体扩展(EME)移动到推荐状态. 虽然这一举动后来被上诉，最终决定被搁置, this felt like a good time to review the status of EME as a replacement for plugin-based DRM.

让我们回顾一下:什么是EME?

Briefly, EME is an API that lets browsers and other applications communicate directly with digital rights management (DRM) systems, replacing the functionality that plugins like Flash and Silverlight previously performed. 虽然很少有人哀悼插件的消失, this immediately complicated the lives of publishers that distribute content to browsers.

这是因为在基于插件的DRM世界中, 出版商可以与一个DRM提供商合作，将流传输到所有基于浏览器的目标. Publishers that used Adobe Flash used Access (now Primetime) DRM; those that chose Silverlight used PlayReady.

However, 一旦插件被淘汰, browser vendors had to incorporate one or more DRM technologies directly into their browsers. Predictably, Apple chose FairPlay, Google chose Widevine, and 微软 chose PlayReady. Mozilla最初选择了Primetime，然后将Widevine集成到Firefox中.

所以有了插件，你就可以用一个单一的DRM支持所有的浏览器. 与电磁辐射, 将受保护的内容分发到Chrome, IE/Edge, 和Safari, 你需要支持三个drm, 不仅仅是从许可的角度来看, 而且从编码和回放的角度来看. The licensing aspect is simple; the EME specification easily supports multiple DRMS in the same source file.

问题是多种不兼容的格式, 例如HTTP动态自适应流(DASH), 光滑的流, 和HTTP直播(HLS), 这些都需要运送到多个目标. 在很多情况下, this means that publishers have to store multiple sets of encrypted files to serve these targets, 增加存储成本，降低浏览器缓存的效率. Expanding support for DASH and new technologies like the Common Media Application Format (CMAF) are helping, 但是对于生产者来说，EME仍然比插件模型更加复杂和昂贵.

W3C做了什么?

根据其网站，W3C是国际社会 where Member organizations, a full-time staff, and the public work together to develop Web standards.” 蒂姆•伯纳斯-李, who is widely considered the inventor of web, heads the organization. 2017年7月6日，W3C发布了一份加密媒体扩展的评论处理及署长的决定. 该文件审查了成员对EME规范的所有反对意见, 总结如下:

The Encrypted Media Extensions specification remains a better alternative for users than other platforms, 包括出于安全考虑, privacy, 和可访问性, 利用Web平台. While additional work in some areas may be beneficial for the future of the Web Platform, 将EME规范作为W3C推荐标准仍然是合适的. W3C推荐标准的正式发布将在晚些时候进行.

Subsequent to this filing, the Electronic Frontier Foundation (EFF) appealed this decision. 我将在本文后面讨论这一点.

推荐状态是什么意思?

From the perspective of most W3C members and other parties interested in the theoretical appropriateness of EME, 辩论就此结束, 或者至少在上诉解决后是这样. 从实际使用EME的公司的角度来看, 比如浏览器和播放器开发商以及DRM供应商, 它的意义小得惊人. 不像H.264/H.265, 在标准正式确定之前，哪些不会在商业上发布, EME已经使用了2年或更长时间, 取决于浏览器.

为媒体写作, 作家桑德·萨拉斯说, “Web standards are usually developed in parallel with implementations and EME was no different. Two major browser manufacturers—微软 and Google—each had their own DRM technology and they were eager to get it on the market in a widely usable form. 虽然讨论正在进行中, their browsers implemented what seemed to be the most sensible opinion of the day and sometimes created custom API extensions where there was no EME-provided solution.”

Saares goes on to describe how that commercial usage tended to reduce the urgency of creating and finalizing the specification, 和观察, “早在一两年以前，EME就已经在实践中成为板上钉钉的事了. It is in widespread use and blocking standardization will not get rid of EME or change what browsers do. 在许多方面，EME是在浏览器的摆布下生存下来的，而不是相反.”

W3C主管蒂姆•伯纳斯-李似乎同意这一观点. 在他的长篇博客文章中， “关于HTML5中的EME，” 解决了许多对电磁干扰的反对意见，伯纳斯-李说:

When a company decides to distribute content they want to protect, they have many choices. 记住这一点很重要.

如果W3C不推荐EME，那么浏览器供应商就会在W3C之外使用它. 如果EME不存在，供应商可以创建新的基于JavaScript的版本.

从这个角度看, the W3C recommendation is more a ratification of the work already implemented than a directive to be observed by those who implement. 也就是说，这并不意味着该规范没有基本目的. 除了为所有用户详细记录规范之外, the final spec sets expectations regarding one of the key issues that hindered its adoption.

EME在W3C成员中引发了哪些担忧?

提出了一些问题，可分为两类, 对DRM的一般关注和对EME实现的关注. Berners-Lee disposed of the generic DRM-related concerns in his comments above; basically, 付费内容公司不会发布没有DRM的内容, 所以要么W3C将其包含在规范中, 或者浏览器行业整合了DRM.

Most of the EME implementation concerns related to the fact that the content decryption modules (CDMs) actually inserted into the browser code were black boxes, so users couldn’t tell if they were accessing personal data or installing some kind of malware on the computer. These concerns are not totally unfounded, as Sony was caught doing that in 2005 in the famed rootkit丑闻. 对于苹果的可能性，你可以得出自己的结论, Google, 微软, 或者Mozilla正在尝试类似的东西.

无论哪种方式, Philippe Le hhgaret说, 负责W3C的项目管理, 这些问题导致W3C规范草案中出现了一个名为CDM约束的新章节. 本节部分说明, “用户代理实现者必须确保cdm不访问任何信息, storage or system capabilities that are not reasonably required for playback of protected media using the features of this specification.“规范将实现细节留给实现者, 并特别提到沙盒是一个有效的替代方案.

如图所示图1，沙盒控制DRM与计算机之间的所有通信. 如博客文章所述 “协调Mozilla的使命和W3C EME” Andreas Gal:“在我们的执行中, CDM将无法访问用户的硬盘驱动器或网络. Instead, the sandbox will provide the CDM only with communication mechanism with Firefox for receiving encrypted data and for displaying the results.因为Mozilla是一个开源浏览器, users, DRM服务提供商, and/or content publishers can audit the sandbox to ensure that it provides all the necessary protections. 任何认为Mozilla用户对DRM不感兴趣的人都应该看看Gal的文章, 当我们在8月份检查时，有466条评论, 包括, “我同意很多人的观点:EME是不必要的, 只是纯粹的邪恶.”

图1. Mozilla将DRM放在沙盒中，以防止CDM受到任何未经授权的操作.

因此，最终的W3C规范尽其所能解决了这些问题和其他问题.

上诉是关于什么的?

该呼吁提出了三个具体问题. First, the EFF wants the ability to audit the sandboxes in the browsers to ensure that user privacy is being preserved. The appeal requests “independent verification in the form of adversarial peer review by outside parties who do not face liability when they reveal defects in members’ products.“而火狐是开源的, 大多数其他浏览器都不是, 苹果公司是否, Google, 微软, 其他供应商是否会开放他们的代码供检查还有待观察.

下一个页面