Google, Microsoft and Netflix push for HTML5 media encryption

By on February 23, 2012, 6:00 PM

Close to 80% of all videos on the web are already encoded in H.264, according data from MeFeedia, which means they can be delivered within HTML5's "video" tag without having to resort to proprietary plugins like Flash or Silverlight. But the transition to open standards for video playback on the web still has a few hurdles to clear, as most major video sites won't take the plunge until HTML5 supports some form of copy protection.

Engineers from Microsoft, Netflix and Google have proposed an extension to HTML5's media streaming capabilities that seeks just that, through a new set of API extensions for the HTMLMediaElement which would provide the necessary components for a DRM scheme. There's no DRM added to the HTML5 specification itself; the actual content protection would be handled by "an appropriate user agent implementation."

Using the proposed extensions, upon visiting a video or audio streaming site with protected content, the HTML5MediaElement would acquire a decryption key from a license server using JavaScript. This key is then used to decrypt a protected video or audio stream from within the browser.

The proposal has already been dismissed as "unethical" by W3C member and WHATWG HTML specification editor Ian Hickson, adding that it wouldn't even fulfill the necessary technical requirements for robust content protection to make it worth implementing either.

Mozilla's Chris Pearce also questioned whether the proposed framework would really provide the level of security demanded by content providers: "since the decoded video frames are stored in memory (as are audio samples) so that they can participate in the HTML rendering pipeline, how do you guard against an open source web browser simply being patched to write the frames/samples to disk to enable (presumably illegal) redistribution of the protected content?," he asked to W3C members.

In response, Netflix’s Mark Watson said that the decryption could be handled at the firmware or hardware level.

The Encrypted Media specification is currently a draft-stage proposal, so it could take a while before it becomes a W3C-blessed standard or it could be discarded along the way. Companies like Netflix and Hulu are likely eager to abandon plugins in favor of standards-based HTML5 video, but they will need some form of DRM implementation to fulfill their contractual obligations to the content providers before that can happen.




User Comments: 4

Got something to say? Post a comment
mosu said:

Encrypt the transmitted data, not HTML5 content! It's that simple...

Guest said:

It still needs to be decrypted to play it, which makes it pointless.

Also, decrypt by hardware? Are they serious? That would render a lot of old hardware useless and increase cost of all new hardware.

gamoniac said:

mosu said:

Encrypt the transmitted data, not HTML5 content! It's that simple...

In this case, they are encrypting to prevent the end users (you and I) from recording/copying it. So, the media content has to be encrypted all the way through playback.

killeriii said:

If i can view it in my home, i "should" be able to record it for future viewing. I "should" be able to make as many personal backups as i think is appropriate.

I think that is just a simple right of personal property.

(No, i'm not saying it's ok to distribute those copies. I wouldn't be a consumer at that point, but an illegal distributor.)

Getting tired of companies dictating how i should use my purchased products.

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.