Encrypted Media: HDCP Policy Check

Draft Community Group Report,

This version:
https://wicg.github.io/hdcp-detection/
Issue Tracking:
GitHub
Inline In Spec
Editors:
Mounir Lamouri (Google Inc.)
Joey Parrish (Google Inc.)
Participate:
Git Repository.
File an issue.
Version History:
https://github.com/wicg/hdcp-detection/commits

Abstract

This specification intends to provide an extension to the W3C Encrypted Media Extension specification. The API will allow authors to query the policies that the CDM is able to enforce before requesting a key.

Status of this document

This specification was published by the Web Platform Incubator Community Group. It is not a W3C Standard nor is it on the W3C Standards Track. Please note that under the W3C Community Contributor License Agreement (CLA) there is a limited opt-out and other conditions apply. Learn more about W3C Community and Business Groups.

1. MediaKeys Policies

1.1. MediaKeysPolicy Dictionary

dictionary MediaKeysPolicy {
  HDCPVersion minHdcpVersion;
};

The MediaKeysPolicy dictionary is an object consisting of only optional properties. Each property represents a policy requirement.

A policy requirement is said to be fulfilled if the system matches the requirements. The exact requirements to match each policy requirement are defined below.

1.2. HDCP Policy

Using an enum as a shorthand. The final result will be similar in behaviour (TypeError) but may be based on a registry so the list can be updated without updating this document.

enum HDCPVersion {
  "1.0",
  "1.1",
  "1.2",
  "1.3",
  "1.4",
  "2.0",
  "2.1",
  "2.2",
  "2.3",
};

The HDCP Policy is represented by the minHdcpVersion. When set, the policy requirement will be fulfilled if the system supports minHdcpVersion on the current display.

2. MediaKeys extension

[SecureContext, Exposed=Window]
partial interface MediaKeys {
  [NewObject] Promise<MediaKeyStatus> getStatusForPolicy(optional MediaKeysPolicy policy);
};

The getStatusForPolicy method MUST run the following steps:

  1. If policy has no present member, return a Promise rejected with a newly created TypeError.
  2. Let p be a new Promise.
  3. For each member of policy, run the following steps:
    1. If the policy requirement associated with the member is not fulfilled, resolve p with output-restricted and abort these steps.
  4. Resolve p with usable.

3. Security and Privacy Considerations

This specification does not introduce any security-sensitive information or APIs but it provides an easier access to some information.

3.1. Fingerprinting

The API offers access to some information that can already be accessed by the page through the CDM. This information does not increase the fingerprint surface but can make it simpler for a website to fingerprint its users as the information is easier to access and no longer requires getting a key from the CDM.

The information added by this API, regardless of whether or not it is accessible in other ways does not increase the entropy for fingerprinting much as HDCP is widely available on most operating systems and displays.

The fingerprinting concerns are mitigated by the fact that the API is only accessible after requestMediaKeySystemAccess() was called which may require user consent. UAs that would require user consent in order to access the CDM will therefore require user consent to access this API.

4. Examples

video.mediaKeys.getStatusForPolicy({
  minHdcpVersion: '1.0'
}).then(status => {
  if (status === 'usable') {
    // Pre-fetch HD content.
  } else {  // such as 'output-restricted' or 'output-downscaled'
    // Pre-fetch SD content.
  }
});

Conformance

Conformance requirements are expressed with a combination of descriptive assertions and RFC 2119 terminology. The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in the normative parts of this document are to be interpreted as described in RFC 2119. However, for readability, these words do not appear in all uppercase letters in this specification.

All of the text of this specification is normative except sections explicitly marked as non-normative, examples, and notes. [RFC2119]

Examples in this specification are introduced with the words “for example” or are set apart from the normative text with class="example", like this:

This is an example of an informative example.

Informative notes begin with the word “Note” and are set apart from the normative text with class="note", like this:

Note, this is an informative note.

Index

Terms defined by this specification

Terms defined by reference

References

Normative References

[ECMASCRIPT]
ECMAScript Language Specification. URL: https://tc39.github.io/ecma262/
[ENCRYPTED-MEDIA]
David Dorwin; et al. Encrypted Media Extensions. 18 September 2017. REC. URL: https://www.w3.org/TR/encrypted-media/
[RFC2119]
S. Bradner. Key words for use in RFCs to Indicate Requirement Levels. March 1997. Best Current Practice. URL: https://tools.ietf.org/html/rfc2119
[WebIDL]
Cameron McCormack; Boris Zbarsky; Tobie Langel. Web IDL. 15 December 2016. ED. URL: https://heycam.github.io/webidl/

IDL Index

dictionary MediaKeysPolicy {
  HDCPVersion minHdcpVersion;
};

enum HDCPVersion {
  "1.0",
  "1.1",
  "1.2",
  "1.3",
  "1.4",
  "2.0",
  "2.1",
  "2.2",
  "2.3",
};

[SecureContext, Exposed=Window]
partial interface MediaKeys {
  [NewObject] Promise<MediaKeyStatus> getStatusForPolicy(optional MediaKeysPolicy policy);
};

Issues Index

Using an enum as a shorthand. The final result will be similar in behaviour (TypeError) but may be based on a registry so the list can be updated without updating this document.