[IETF-IDRM] RE: [IDRM] Disband or recharter IDRM?

Paul Lambert PaulLambert@AirgoNetworks.Com
Wed, 11 Dec 2002 14:57:32 -0800


> Please, I do not have a business need for these emails.=20

Perhaps no one has a business reason for this committee and it should=
 be disbanded.=20

Business reasons for a specific technology does not guarentee that th=
ere is any reason for an open interoperable standard.


Paul

> -----Original Message-----
> From: Theisen, Isabelle [mailto:Isabelle.Theisen@unistudios.com]
> Sent: Wednesday, December 11, 2002 2:48 PM
> To: 'Thomas Hardjono'; 'ietf-idrm@lists.elistx.com';
> 'glarose@info-mech.com'; 'mbaugher@cisco.com'
> Subject: RE: [IDRM] Disband or recharter IDRM?
>=20
>=20
> Please, I do not have a business need for these emails.=20
> Please, remove from the list.
>=20
>=20
> -----Original Message-----
> From: Thomas Hardjono [mailto:thardjono@yahoo.com]
> Sent: Wednesday, December 11, 2002 2:09 PM
> To: Gord Larose
> Cc: ietf-idrm@lists.elistx.com
> Subject: Re: [IDRM] Disband or recharter IDRM?
>=20
>=20
> At 12/11/2002||03:16 PM, Gord Larose wrote:
> >Hi Thomas,
> >Thanks for the feedback and update. At a high level I agree with y=
ou
> >completely.
> >
> >However, at a technical level, "Open source DRM" makes my=20
> brain hurt.  It's
> >hard enough hide anything in BINARY inside a PC; but like it=20
> or not, that's
> >one thing  DRM has to do.  I should know... the NetActive=20
> technology I was
> >largely responsible for addresses exactly that problem. That=20
> technology has
> >never, to my knowledge, been publicly cracked... but I doubt=20
> that would have
> >been true if we'd published the source !
>=20
> Yes, I agree: "open source DRM" makes my brain hurt too :) =20
> However, this=20
> seems to be the only way to provide an alternative to proprietary=
=20
> technology.  In many cases, perhaps the mom-and-pop=20
> "publisher" does not=20
> need 100% hack-proof DRM (maybe not even 90% hack-proof), but=20
> enough to=20
> discourage non-technical people from trying to break it.
>=20
>=20
> >And from a business perspective, Mom & Pop businesses already have
> >inexpensive,  low-end protection technologies available e.g. from
> >third-party software TBYB wrappers, or via, say, Windows=20
> Media Player DRM.
> >The obstacles are more about complexity, churn,  supplier=20
> viability, trust,
> >and branding, than about cost or availability.
>=20
> Hmm, I'm not sure I follow here.  WMP is only for certain=20
> types of contents=20
> (e.g. not books, newspapers, newletters, etc).
>=20
>=20
>=20
> >So we'd have to be careful about what the values of such a=20
> system were... if
> >we could figure out how it would work !
> >
> >Here's an entertaining thought: suppose we emphasize TRUST=20
> and CONTINUITY.
> >Maybe we could even subvert Palladium and the Fritz Chip to=20
> nobler ends ?
> >i.e. a system that WILL, in some sense, robustly protect=20
> content, but WILL
> >NOT - as a matter of the supplier's policy  - do any of  the=20
> things that
> >consumers and libertarians rightly fear ? And a further benefit of=
 an
> >open-source (that may not be the right term, maybe=20
> "distributed ownership"
> >is better) model could be the continuing availability of the=20
> solution e.g.
> >Red Hat may die, but Linux won't.
>=20
>=20
> OK, so this is a *very* interesting question.  These are the types =
of=20
> questions that needs to be discussed in a open forum and=20
> where pieces of it=20
> can be standardized (the way many pieces of Linux has been=20
> standardized).
>=20
> cheers,
>=20
> thomas
> ------
>=20
>=20
>=20
> >I'm not sure how to do this, but maybe we could figure it out !
> >
> >Cheers,
> >    Gord 8-)
> >
> >
> >
> >----- Original Message -----
> >From: "Thomas Hardjono" <thardjono@verisign.com>
> >To: <glarose@info-mech.com>; <ietf-idrm@lists.elistx.com>
> >Sent: Wednesday, December 11, 2002 12:55 PM
> >Subject: Re: [IDRM] Disband or recharter IDRM?
> >
> >
> > >
> > > Gord,
> > >
> > > I agree with most of your comments. Judging from the=20
> "emotional outcry" we
> > > received at the last IDRM meeting (Salt Lake City IETF,=20
> end of 2001), DRM
> > > seems to mean different things to different people.
> > >
> > >
> > > At 12/11/2002||09:23 AM, Gord Larose wrote:
> > > >Hello:
> > > >   Most of you on the list will not know me, as I came=20
> in during your
> >period
> > > >of dormancy. I too have been mulling these issues, as=20
> the DRM company
> >that
> > > >I helped found (NetActive) struggled like most others in=20
> the space.
> > > >
> > > >I think there are two classes of issues here - the=20
> social-advocacy ones
> > > >and the technical ones.
> > > >
> > > >The social-advocacy issues are horribly subjective. The=20
> concerns were
> > > >well expressed in Mark's email, and we could spend=20
> thousands of words
> > > >debating them.  For what it
> > > >is worth, I believe that DRM is not philosophically=20
> wrong, and further,
> >that
> > > >it is commercially necessary. However, I do not believe=20
> that the current
> > > >"axis of greed" between Hollywood and Washington serves the be=
st
> >interests
> > > >of American citizens and, as a Canadian, I am very=20
> concerned about the
> > > >United States' efforts to impose its draconian views of copyri=
ght
> > > >enforcement on the rest of the world.
> > > >  Good DRM does not have to put Big Brother on your hard=20
> drive. If it
> >does,
> > > >then the price is too high.
> > >
> > > Right. So one of the notions we put forward in the IETF=20
> was:  is it at all
> > > possible to create "open-source DRM technologies", so that smal=
l
> > > mom-and-pop publishers need not pay $$$ for proprietary=20
> solutions.  The
> > > analogy is that with Linux and the Apache webserver,=20
> which are available
> > > for around $30.
> > > Another useful comparison in the RSA encryption=20
> algorithm, which is good
> > > technology, well understood, standardized and now finally=20
> over the patent
> > > hurdle.
> > >
> > > I realize that some folks take the (radical) position of=20
> being against any
> > > development of DRM technology whatsoever.  The best way=20
> to ensure Big
> > > Brother does not happen is to go against any work=20
> relating to DRM. The
> > > reality is that DRM Technology is here to stay=20
> (proprietary), whether we
> > > like it or not.  It will ship inside PCs and in consumer=20
> electronics
> > > devices.  I think such a position actually helps the Big=20
> Brother syndrome,
> > > as it does not provide an option to the general public as=20
> to alternative
> > > sources of technology.
> > >
> > >
> > >
> > > >On a philosophical level then, I say there is a need for=20
> smart people to
> > > >build workable DRM that citizens can live with.
> > > >
> > > >The point issue of this technical group's mandate is=20
> much clearer IMO.
> >The
> > > >core
> > > >technology challenges for DRM are terminal node=20
> challenges, not network
> > > >challenges. Sure, a network is usually involved, but DRM=20
> is nothing
> >special
> > > >for the network. DRM's basic network needs are nothing=20
> harder than
> > > >http/https over tcp/ip. And the terminal mode challenges=20
> are largely
> >about
> > > >things like tamper-resistance, which are proprietary and not v=
ery
> >amenable
> > > >to
> > > >standardization. It's not something where an IETF group=20
> adds much value.
> > >
> > > Right.  This is where the word "DRM" is I think a=20
> misnomer for the IETF
> > > efforts.  You are absolutely right, that DRM is indeed=20
> "terminal node
> > > challenges" (ie. development of rights-enforcing=20
> terminals), which is not
> > > the traditional area of work for the IETF.
> > >
> > > However, there some network issues that is part of what I=20
> call the "DRM
> > > macrocosm", which included functions relating to=20
> look-ups, secure network
> > > storage, transaction clearinghouse, etc.  These would appear to=
 be
> >suitable
> > > for work items in the IETF.
> > >
> > > Thus, one possible change to IDRM is a new name that is=20
> less likely to be
> > > controversial.
> > >
> > >
> > >
> > > >So where does that leave the group ? Seems to me the=20
> options include:
> > > >1) disband
> > > >2) generalize the focus to a multidisciplinary one,=20
> along the lines of
> > > >http://www.bcdforum.org . (Though I have to confess I find tha=
t
> >organization
> > > >lacking substance.)
> > > >3) Find specific technical problems that are obstacles=20
> to good (i.e.
> > > >effective but not Orwellian) DRM, which are going=20
> begging, and in scope,
> > > >and work on solutions.
> > > >
> > > >I don't have a top-of-mind suggestion for #3, but it=20
> sounds like the most
> > > >fun!
> > >
> > > Yes, the keyword is "fun".  Perhaps others on the list=20
> may have specific
> > > suggestions?
> > >
> > > cheers,
> > >
> > > thomas
> > > ------
> > >
> > >
> > >
> > >
> > >
> > > >Other thoughts ???
> > > >
> > > >Best Regards,
> > > >    Gord Larose
> > > >
> > > >----- Original Message -----
> > > >From: "Mark Baugher" <mbaugher@cisco.com>
> > > >To: <ietf-idrm@lists.elistx.com>
> > > >Cc: <thardjono@yahoo.com>; "Vern Paxson" <vern@icir.org>
> > > >Sent: Tuesday, December 10, 2002 6:43 PM
> > > >Subject: [IDRM] Disband or recharter IDRM?
> > > >
> > > > > IDRM has obviously been dormant for about a year.
> > > > >SNIP<
> > >
>=20