Encrypted Media Extensions | |
Abbreviation | EME, encrypted-media |
---|---|
Native name | Encrypted Media Extensions |
Status | W3C Recommendation |
Year started | 2013 |
First published | May 10, 2013 [1] |
Latest version | 2017-09-18 September 18, 2017 [2] |
Preview version | Editor's Draft March 20, 2021 [3] |
Organization | [2] [3] |
Committee |
|
Editors | |
Base standards | |
Domain | Digital rights management |
Website |
|
Encrypted Media Extensions (EME) is a W3C specification for providing a communication channel between web browsers and the Content Decryption Module (CDM) software which implements digital rights management (DRM). [2] This allows the use of HTML video to play back DRM-wrapped content such as streaming video services without the use of heavy third-party media plugins like Adobe Flash or Microsoft Silverlight (both discontinued). The use of a third-party key management system may be required, depending on whether the publisher chooses to scramble the keys.
EME is based on the Media Source Extensions (MSE) specification, [4] which enables adaptive bitrate streaming in HTML audio and video, e.g. using MPEG-DASH with MPEG-CENC protected content. [5] [6]
EME has been highly controversial because it places a necessarily proprietary, closed decryption component which requires per-browser licensing fees into what might otherwise be an entirely open and free software ecosystem. [7] [8] On July 6, 2017, W3C publicly announced its intention to publish an EME web standard, [9] and did so on September 18. [2] On the same day, the Electronic Frontier Foundation, who joined in 2014 to participate in the decision making, [10] published an open letter resigning from W3C. [11]
In April 2013, on the Samsung Chromebook, Netflix became the first company to offer HTML video using EME. [12]
As of 2016 [update] , the Encrypted Media Extensions interface has been implemented in the Google Chrome, [13] Internet Explorer, [14] Safari, [15] Firefox, [16] and Microsoft Edge [17] browsers.
While backers and the developers of the Firefox web browser were hesitant in implementing the protocol for ethical reasons due to its dependency on proprietary code, [18] Firefox introduced EME support on Windows platforms in May 2015, originally using Adobe's Primetime DRM library, later replaced with the Widevine library (CDM). Firefox's implementation of EME uses an open-source sandbox to load the proprietary DRM modules, which are treated as plug-ins that are loaded when EME-encrypted content is requested. The sandbox was also designed to frustrate the ability for services and the DRM to uniquely track and identify devices. [16] [19] Additionally, it is always possible to disable DRM in Firefox, which then not only disables EME, but also uninstalls the Widevine DRM libraries. [20]
Netflix supports HTML video using EME with a supported web browser: Chrome, Firefox, [21] Microsoft Edge, Internet Explorer (on Windows 8.1 or newer [22] ), or Safari (on OS X Yosemite or newer [23] ). YouTube supports the MSE. [24] Available players supporting MPEG-DASH using the MSE and EME are NexPlayer, [25] THEOplayer [26] by OpenTelly, the bitdash MPEG-DASH player, [27] [28] dash.js [29] by DASH-IF or rx-player. [30]
Note that certainly in Firefox and Chrome, EME does not work unless the media is supplied via Media Source Extensions.
Version 4.3 and subsequent versions of Android support EME. [31]
EME has faced strong criticism from both inside [33] [34] and outside W3C. [35] [36] The major issues for criticism are implementation issues for open-source browsers, entry barriers for new browsers, lack of interoperability, [37] concerns about security, privacy and accessibility, and possibility of legal trouble in the United States due to Chapter 12 [38] of the DMCA. [39] [40] [41] [42]
In July 2020, Reddit started using a fingerprinting mechanism that involves loading every DRM module that browsers can support, and logs what ends up loading as part of the data collected. Users noticed this when Firefox began alerting them that Reddit "required" them to load DRM software to play media, although none of the media on the page actually needed it. [43]
As of 2020, the ways in which EME interferes with open source have become concrete. None of the widely used CDMs are being licensed to independent open-source browser providers without paying a per-browser licensing fee (particularly to Google – for their Widevine CDM, which is used in nearly all recently developed web browsers). [7]
Mozilla Firefox, or simply Firefox, is a free and open-source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation. It uses the Gecko rendering engine to display web pages, which implements current and anticipated web standards. Firefox is available for Windows 10 or later versions, macOS, and Linux. Its unofficial ports are available for various Unix and Unix-like operating systems, including FreeBSD, OpenBSD, NetBSD, and other platforms. It is also available for Android and iOS. However, as with all other iOS web browsers, the iOS version uses the WebKit layout engine instead of Gecko due to platform requirements. An optimized version is also available on the Amazon Fire TV as one of the two main browsers available with Amazon's Silk Browser.
A favicon, also known as a shortcut icon, website icon, tab icon, URL icon, or bookmark icon, is a file containing one or more small icons associated with a particular website or web page. A web designer can create such an icon and upload it to a website by several means, and graphical web browsers will then make use of it. Browsers that provide favicon support typically display a page's favicon in the browser's address bar and next to the page's name in a list of bookmarks. Browsers that support a tabbed document interface typically show a page's favicon next to the page's title on the tab, and site-specific browsers use the favicon as a desktop icon.
A browser war is a competition for dominance in the usage share of web browsers. The "first browser war" (1995–2001) consisted of Internet Explorer and Netscape Navigator, and the "second browser war" (2004-2017) between Internet Explorer, Firefox, and Google Chrome.
This is a comparison of both historical and current web browsers based on developer, engine, platform(s), releases, license, and cost.
HTML5 is a markup language used for structuring and presenting hypertext documents on the World Wide Web. It was the fifth and final major HTML version that is now a retired World Wide Web Consortium (W3C) recommendation. The current specification is known as the HTML Living Standard. It is maintained by the Web Hypertext Application Technology Working Group (WHATWG), a consortium of the major browser vendors.
Microsoft Silverlight is a discontinued application framework designed for writing and running rich internet applications, similar to Adobe's runtime, Adobe Flash. While early versions of Silverlight focused on streaming media, later versions supported multimedia, graphics, and animation, and gave support to developers for CLI languages and development tools. Silverlight was one of the two application development platforms for Windows Phone, but web pages using Silverlight did not run on the Windows Phone or Windows Mobile versions of Internet Explorer, as there was no Silverlight plugin for Internet Explorer on those platforms.
Internet Explorer 9 or IE9 is the ninth major version of the Internet Explorer web browser for Windows. It was released by Microsoft on March 14, 2011, as the successor to Internet Explorer 8. Microsoft released Internet Explorer 9 as a major out-of-band version that was not tied to the release schedule of any particular version of Windows, unlike previous versions. It is the first version of Internet Explorer not to be bundled with a Windows operating system, although some OEMs have installed it with Windows on their PCs. Internet Explorer 9 was the last version to be called Windows Internet Explorer. The software was rebranded simply as Internet Explorer starting with the release of Internet Explorer 10.
Web storage, sometimes known as DOM storage, is a standard JavaScript API provided by web browsers. It enables websites to store persistent data on users' devices similar to cookies, but with much larger capacity and no information sent in HTTP headers. There are two main web storage types: local storage and session storage, behaving similarly to persistent cookies and session cookies respectively. Web Storage is standardized by the World Wide Web Consortium (W3C) and WHATWG, and is supported by all major browsers.
The HTML5 draft specification adds video
and audio
elements for embedding video and audio in HTML documents. The specification had formerly recommended support for playback of Theora video and Vorbis audio encapsulated in Ogg containers to provide for easier distribution of audio and video over the internet by using open standards, but the recommendation was soon after dropped.
HTTP Live Streaming is an HTTP-based adaptive bitrate streaming communications protocol developed by Apple Inc. and released in 2009. Support for the protocol is widespread in media players, web browsers, mobile devices, and streaming media servers. As of 2022, an annual video industry survey has consistently found it to be the most popular streaming format.
WebGL is a JavaScript API for rendering interactive 2D and 3D graphics within any compatible web browser without the use of plug-ins. WebGL is fully integrated with other web standards, allowing GPU-accelerated usage of physics, image processing, and effects in the HTML canvas. WebGL elements can be mixed with other HTML elements and composited with other parts of the page or page background.
HTML video is a subject of the HTML specification as the standard way of playing video via the web. Introduced in HTML5, it is designed to partially replace the object element and the previous de facto standard of using the proprietary Adobe Flash plugin, though early adoption was hampered by lack of agreement as to which video coding formats and audio coding formats should be supported in web browsers. As of 2020, HTML video is the only widely supported video playback technology in modern browsers, with the Flash plugin being phased out.
Modern HTML5 has feature-parity with the now-obsolete Adobe Flash. Both include features for playing audio and video within web pages. Flash was specifically built to integrate vector graphics and light games in a web page, features that HTML5 also supports.
Dynamic Adaptive Streaming over HTTP (DASH), also known as MPEG-DASH, is an adaptive bitrate streaming technique that enables high quality streaming of media content over the Internet delivered from conventional HTTP web servers. Similar to Apple's HTTP Live Streaming (HLS) solution, MPEG-DASH works by breaking the content into a sequence of small segments, which are served over HTTP. An early HTTP web server based streaming system called SProxy was developed and deployed in the Hewlett Packard Laboratories in 2006. It showed how to use HTTP range requests to break the content into small segments. SProxy shows the effectiveness of segment based streaming, gaining best Internet penetration due to the wide deployment of firewalls, and reducing the unnecessary traffic transmission if a user chooses to terminate the streaming session earlier before reaching the end. Each segment contains a short interval of playback time of content that is potentially many hours in duration, such as a movie or the live broadcast of a sport event. The content is made available at a variety of different bit rates, i.e., alternative segments encoded at different bit rates covering aligned short intervals of playback time. While the content is being played back by an MPEG-DASH client, the client uses a bit rate adaptation (ABR) algorithm to automatically select the segment with the highest bit rate possible that can be downloaded in time for playback without causing stalls or re-buffering events in the playback. The current MPEG-DASH reference client dash.js offers both buffer-based (BOLA) and hybrid (DYNAMIC) bit rate adaptation algorithms. Thus, an MPEG-DASH client can seamlessly adapt to changing network conditions and provide high quality playback with few stalls or re-buffering events.
Content Security Policy (CSP) is a computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context. It is a Candidate Recommendation of the W3C working group on Web Application Security, widely supported by modern web browsers. CSP provides a standard method for website owners to declare approved origins of content that browsers should be allowed to load on that website—covered types are JavaScript, CSS, HTML frames, web workers, fonts, images, embeddable objects such as Java applets, ActiveX, audio and video files, and other HTML5 features.
HTML audio is a subject of the HTML specification, incorporating audio input, playback, and synthesis, all in the browser.
VP9 is an open and royalty-free video coding format developed by Google.
Media Source Extensions (MSE) is a W3C specification that allows JavaScript to send byte streams to media codecs within web browsers that support HTML video and audio. Among other possible uses, this allows the implementation of client-side prefetching and buffering code for streaming media entirely in JavaScript. It is compatible with, but should not be confused with, the Encrypted Media Extensions (EME) specification, and neither requires the use of the other, although many EME implementations are only capable of decrypting media data provided via MSE.
Bitmovin is a multimedia technology company which provides services that transcode digital video and audio to streaming formats using cloud computing, and streaming media players. Founded in 2013, the Austrian company contributes to MPEG-DASH, an open standard that allows streaming video to be played in HTML video and Flash Video web players.
Widevine is a proprietary digital rights management (DRM) system developed by Google. It provides content protection for media. Widevine is divided into three security levels with differing levels of protection depending on the hardware present on the device. Widevine is included in most major web browsers and in Android and iOS.
{{cite book}}
: CS1 maint: location missing publisher (link)In mobile markets [...] Android has supported MSE since version 4.1, and EME since version 4.3.
Note that IE10 and IE11 on Windows 7 do not have the MSE/EME API available which is required to playback DRM protected video content in HTML5. As a consequence, it is technically not possible for any HTML5-based video player to playback DRM protected content on these browsers in Windows 7.