Because the browser is an open stack. There are many layers interacting from the network protocols up to the rendering and scripting engines, and they are all open. The implementations are generally open, but more importantly it's possible to look into the data itself. You can see why this is a problem for DRM. To "properly" lock it down, you'd have to close the entire stack, and then you'd have to outlaw open source implementations. The whole thing is just not designed to disobey the user. Keep in mind that this would have to cover the entire chain, from the network connection all the way up to the screen you are allowed to play the content on.
For that kind of DRM to work, your browser would have to be turned into a black box that is difficult to inspect, designed to be controlled entirely from remote, and illegal to alter.
If this series of events were to unfold, closing the browser would not be done to benefit the content industry directly. They don't need that to deliver content, because they can always just put out an app and pump out their stuff that way. They can also just make a plugin if they want to deliver video content through the browser - which would possible with current technology today. That's not why they are proposing this. Instead this move would serve solely to restrict user freedom to use anything but approved apps for approved content.
So to make it clear why this outrage exists: there is absolutely no technical need to include this natively in HTML5. The proposal does not aim to give something to the content industry, it is instead designed to take something away from everybody else. That's not a subtle difference. But, as I said earlier, it's doubtful it will/could play out this way. The only way to achieve this "dream" is by making the web as it exists today illegal to use, and then enforce that ban through extensive ISP surveillance. In which case a DRM solution for HTML5 wouldn't matter anyway.
To "properly" lock it down, you'd have to close the entire stack, and then you'd have to outlaw open source implementations.
ORLY? How does encryption work then? One could say "in order to properly encrypt your stuff, you actually need to make sure nobody is outside your window with binoculars", but that's not the job of encryption is it. I guess it would ultimately boil down to possession of private and public keys, and making it illegal to transmit those. So? As you said, they can deliver their stuff in proprietary apps already, what is lost when they use proprietary keys instead?
YARLY! If you encrypt content, it's not DRM-protected. When you use a normal everyday encryption solution, you send me the encrypted data, encrypted with my public key and I decrypt it with my private key and then I CAN DO WHAT I WANT with it. That is what the entertainment companies want to protect against - the ability to move the plain bits once you have them decrypted. With any open-source software, you can change it to do whatever you want with the decrypted bits. Honestly, the only way for them to get what they want is to have a piece of special hardware, which you install in your pc, that does decryption of the media and outputs it only via secure connection to an a/v setup that contains a camera which does facial recognition to make sure only you are sitting in front of the PC.
Fortunately, that's still a bit too expensive to consider. Also, it will be broken by the first bored hacker with a soldering iron.
Most entertainment companies accept the current flash based solutions as sufficient. In this case they are trying to bring html5 to te same level as flash.
I'm pretty sure something similar to Adobe Access can be implemented for html 5 without requiring us to close source browsers, or patent them. I fail to see why you think otherwise.
That aside, not having DRM for html5 would likely do more harm to the open web than not doing it. Take ABC for example, they only let you view their content through flash or through a native app. This hurts the open web more than giving them DRM in html5.
They are already closing the "analog loophole" everywhere else with HDCP and DRM enabled theater projectors, it's pretty clear that's where "content owners" want to be.
Yes, really. Encryption in the browser today works exactly the other way around. It's sole purpose is to ensure data integrity on my behalf as things are transmitted between me and my chosen endpoint. The endpoint is not protected from me, and I can do whatever I want with this data once it arrives in my browser. DRM would be the antithesis of that. The problem is not they keys, it's what they keys can control or not.
That you'd need a closed source browser or plugin to access the draconian DRM content that insists on protecting the render path wouldn't mean anyone would have to consume said DRM content, or use such a browser for anything else. As you said, they could as well "put out an app", they already do; and adding a "content protection provider", a black box ultimately, to a browser just turns that browser into that app. But, and that's kind of my point, it doesn't affect my browser in any way I can discern, at worst it would mean somtimes seeing "sorry, your browser (or lack of plugins/dongle/whatever) does not support playback of this content", as opposed to that page not being there in the first place.
I'm pretty sure you can do that already. HTTP has authentication, HTTPS gives you content encryption, rate limiting can prevent content scraping, I mean if you really wanted to you could do something with canvas (the hardware acceleration stuff that's being worked on could even make it perform fairly well, I suppose). Its not the same way but it could give the same result.
Well, I'm not particularly familiar with DRM apart from not liking it. What exactly does flash do that makes the DRM-loving lawyers consider it acceptable? From my point of view the kind of control offered by HTTPS and normal browser authentication is enough but the MPAA and RIAA (or the BBC, for that matter) clearly don't agree.
Today, you can build a browser that can render all content on the web that adheres to the open standards.
With DRM built in, you can adhere to the standards all you want, you still can't render all the content unless have access to the secret keys, which can only be granted to you by the powers-that-be.
The only viable client-software will be that controlled by a few major companies in cahoots with the content-industry, and they will dictate terms on the rest of us, tearing down whatever "open" is left. Average users are not going to install an open, non-DRM client if that doesn't allow them to use Hulu, Netflix, YouTube, BBC etcetera.
Thanks to "open", the total monopoly if Microsoft's IE6 was broken and the web moved forward. With DRM, that will no longer be a viable option. Google, Microsoft and Apple together will decide how we experience the web.
If you think "open" will still play a role in that, you must haven been living under a rock for the past 10 years. Even Google's love for "open" and "neutral" has been reduced to mostly marketing.
> Today, you can build a browser that can render all content on the web that
> adheres to the open standards.
Actually, if your browser would only show that kind of content you wouldn't see much. Very little content on the web follows any standard at all.
> Google, Microsoft and Apple together will decide how
> we experience the web
You forgot Mozilla. And anyone making web browsers. That how it always was, that how it always be: browsers vendors will decide that.
> and they will dictate terms on the rest of us, tearing down whatever "open" is left.
> Average users are not going to install an open, non-DRM client if that doesn't allow
> them to use Hulu, Netflix, YouTube, BBC etcetera.
And there you have it: the amount of "whatever "open" left" is immensely bigger than all hulus and netflixes. I cannot see hulu and netflix anyway, does that mean I have no access to the open web already?
What does it mean "non DRM" client anyway? The one that only shows DRM'ed content? Does this exist? Back in the days of ITMS selling DRMed audio content iTunes still could play any mp3 you threw at it, and it still can do the same today. Just because some client will allow you to play DRMed content it in no way means that it won't be able to play open content. And because of that all this outrage is quite moronic.
> If you think "open" will still play a role in that, you must haven been living under a rock
> for the past 10 years. Even Google's love for "open" and "neutral" has been reduced to mostly marketing.
> You forgot Mozilla. And anyone making web browsers. That how it always was, that how it always be: browsers vendors will decide that.
Surely the implication was that Mozilla, and any other browser maker who does not or cannot support these locked-down content models, risk becoming irrelevant because the vast majority of people will use browsers that do support the protected content?
The current DRM proposal [1] requires specific platform-specific CDMs (content decryption modules) that are not prart of the the browser. Those can be anything, from an open source module with cross-platform support to (most likely) a closed-source binary distributed by the OS and not available for use by specific browsers.
How so? It requires the ability to have "locked" content and a mechanism to "unlock" it, but how does this affect anything else? Honest question.