[IETF-IDRM] RE: [IDRM] Disband or recharter IDRM?

Wed, 11 Dec 2002 16:53:54 -0800

I think you are all correct.  Yes there is a need, but it is too complex
right now to "nail down" any one standard.  If Microsoft, Intertrust, IBM,
VeriSign Real and Macrovision can't nail down any standards, then who are we
to think we can?  As my CTO says, "the best thing about standards is that
there are so many of them".

The key is to find a solution that is not only as secure as possible, but to
ensure the delivery solution is interoperable to the existing enterprise
applications these companies are using to track what they own so they can
monetize their assets and create new business models.

But remember, most businesses today, from Disney to Nike, are using Excel
and Access or maybe a homegrown FoxPro application to manage what properties
they can even deliver.

The problem is not in the delivery, they can't even get their products to
the loading dock.

Russ
_____________________________________________________________

Russell P. Reeder
President & CEO
RightsLine, Inc.
9100 Wilshire Blvd., Suite 520E
Beverly Hills, CA 90212
Office 310-281-6434
Fax    310-281-6495
rreeder@rightsline.com

-----Original Message-----
From: Lisa Rein [mailto:lisarein@finetuning.com]
Sent: Wednesday, December 11, 2002 4:39 PM
To: Paul Lambert
Cc: Theisen, Isabelle; Thomas Hardjono; ietf-idrm@lists.elistx.com;
glarose@info-mech.com; mbaugher@cisco.com
Subject: Re: [IDRM] Disband or recharter IDRM?

Hi Paul,

On the contrary.  Business reasons for a specific technology are
*exactly* what defines the need for an open interoperable standard.

Thanks,

Lisa Rein

http://www.finetuning.com

Paul Lambert wrote:

> Perhaps no one has a business reason for this committee and it should be
disbanded.
>
> Business reasons for a specific technology does not guarentee that there
is any reason for an open interoperable standard.
>
>
> Paul
>
>
>>-----Original Message-----
>>From: Theisen, Isabelle [mailto:Isabelle.Theisen@unistudios.com]
>>Sent: Wednesday, December 11, 2002 2:48 PM
>>To: 'Thomas Hardjono'; 'ietf-idrm@lists.elistx.com';
>>'glarose@info-mech.com'; 'mbaugher@cisco.com'
>>Subject: RE: [IDRM] Disband or recharter IDRM?
>>
>>
>>Please, I do not have a business need for these emails.
>>Please, remove from the list.
>>
>>
>>-----Original Message-----
>>From: Thomas Hardjono [mailto:thardjono@yahoo.com]
>>Sent: Wednesday, December 11, 2002 2:09 PM
>>To: Gord Larose
>>Cc: ietf-idrm@lists.elistx.com
>>Subject: Re: [IDRM] Disband or recharter IDRM?
>>
>>
>>At 12/11/2002||03:16 PM, Gord Larose wrote:
>>
>>>Hi Thomas,
>>>Thanks for the feedback and update. At a high level I agree with you
>>>completely.
>>>
>>>However, at a technical level, "Open source DRM" makes my
>>
>>brain hurt.  It's
>>
>>>hard enough hide anything in BINARY inside a PC; but like it
>>
>>or not, that's
>>
>>>one thing  DRM has to do.  I should know... the NetActive
>>
>>technology I was
>>
>>>largely responsible for addresses exactly that problem. That
>>
>>technology has
>>
>>>never, to my knowledge, been publicly cracked... but I doubt
>>
>>that would have
>>
>>>been true if we'd published the source !
>>
>>Yes, I agree: "open source DRM" makes my brain hurt too :)
>>However, this
>>seems to be the only way to provide an alternative to proprietary
>>technology.  In many cases, perhaps the mom-and-pop
>>"publisher" does not
>>need 100% hack-proof DRM (maybe not even 90% hack-proof), but
>>enough to
>>discourage non-technical people from trying to break it.
>>
>>
>>
>>>And from a business perspective, Mom & Pop businesses already have
>>>inexpensive,  low-end protection technologies available e.g. from
>>>third-party software TBYB wrappers, or via, say, Windows
>>
>>Media Player DRM.
>>
>>>The obstacles are more about complexity, churn,  supplier
>>
>>viability, trust,
>>
>>>and branding, than about cost or availability.
>>
>>Hmm, I'm not sure I follow here.  WMP is only for certain
>>types of contents
>>(e.g. not books, newspapers, newletters, etc).
>>
>>
>>
>>
>>>So we'd have to be careful about what the values of such a
>>
>>system were... if
>>
>>>we could figure out how it would work !
>>>
>>>Here's an entertaining thought: suppose we emphasize TRUST
>>
>>and CONTINUITY.
>>
>>>Maybe we could even subvert Palladium and the Fritz Chip to
>>
>>nobler ends ?
>>
>>>i.e. a system that WILL, in some sense, robustly protect
>>
>>content, but WILL
>>
>>>NOT - as a matter of the supplier's policy  - do any of  the
>>
>>things that
>>
>>>consumers and libertarians rightly fear ? And a further benefit of an
>>>open-source (that may not be the right term, maybe
>>
>>"distributed ownership"
>>
>>>is better) model could be the continuing availability of the
>>
>>solution e.g.
>>
>>>Red Hat may die, but Linux won't.
>>
>>
>>OK, so this is a *very* interesting question.  These are the types of
>>questions that needs to be discussed in a open forum and
>>where pieces of it
>>can be standardized (the way many pieces of Linux has been
>>standardized).
>>
>>cheers,
>>
>>thomas
>>------
>>
>>
>>
>>
>>>I'm not sure how to do this, but maybe we could figure it out !
>>>
>>>Cheers,
>>>   Gord 8-)
>>>
>>>
>>>
>>>----- Original Message -----
>>>From: "Thomas Hardjono" <thardjono@verisign.com>
>>>To: <glarose@info-mech.com>; <ietf-idrm@lists.elistx.com>
>>>Sent: Wednesday, December 11, 2002 12:55 PM
>>>Subject: Re: [IDRM] Disband or recharter IDRM?
>>>
>>>
>>>
>>>>Gord,
>>>>
>>>>I agree with most of your comments. Judging from the
>>
>>"emotional outcry" we
>>
>>>>received at the last IDRM meeting (Salt Lake City IETF,
>>
>>end of 2001), DRM
>>
>>>>seems to mean different things to different people.
>>>>
>>>>
>>>>At 12/11/2002||09:23 AM, Gord Larose wrote:
>>>>
>>>>>Hello:
>>>>>  Most of you on the list will not know me, as I came
>>
>>in during your
>>
>>>period
>>>
>>>>>of dormancy. I too have been mulling these issues, as
>>
>>the DRM company
>>
>>>that
>>>
>>>>>I helped found (NetActive) struggled like most others in
>>
>>the space.
>>
>>>>>I think there are two classes of issues here - the
>>
>>social-advocacy ones
>>
>>>>>and the technical ones.
>>>>>
>>>>>The social-advocacy issues are horribly subjective. The
>>
>>concerns were
>>
>>>>>well expressed in Mark's email, and we could spend
>>
>>thousands of words
>>
>>>>>debating them.  For what it
>>>>>is worth, I believe that DRM is not philosophically
>>
>>wrong, and further,
>>
>>>that
>>>
>>>>>it is commercially necessary. However, I do not believe
>>
>>that the current
>>
>>>>>"axis of greed" between Hollywood and Washington serves the best
>>>
>>>interests
>>>
>>>>>of American citizens and, as a Canadian, I am very
>>
>>concerned about the
>>
>>>>>United States' efforts to impose its draconian views of copyright
>>>>>enforcement on the rest of the world.
>>>>> Good DRM does not have to put Big Brother on your hard
>>
>>drive. If it
>>
>>>does,
>>>
>>>>>then the price is too high.
>>>>
>>>>Right. So one of the notions we put forward in the IETF
>>
>>was:  is it at all
>>
>>>>possible to create "open-source DRM technologies", so that small
>>>>mom-and-pop publishers need not pay $$$ for proprietary
>>
>>solutions.  The
>>
>>>>analogy is that with Linux and the Apache webserver,
>>
>>which are available
>>
>>>>for around $30.
>>>>Another useful comparison in the RSA encryption
>>
>>algorithm, which is good
>>
>>>>technology, well understood, standardized and now finally
>>
>>over the patent
>>
>>>>hurdle.
>>>>
>>>>I realize that some folks take the (radical) position of
>>
>>being against any
>>
>>>>development of DRM technology whatsoever.  The best way
>>
>>to ensure Big
>>
>>>>Brother does not happen is to go against any work
>>
>>relating to DRM. The
>>
>>>>reality is that DRM Technology is here to stay
>>
>>(proprietary), whether we
>>
>>>>like it or not.  It will ship inside PCs and in consumer
>>
>>electronics
>>
>>>>devices.  I think such a position actually helps the Big
>>
>>Brother syndrome,
>>
>>>>as it does not provide an option to the general public as
>>
>>to alternative
>>
>>>>sources of technology.
>>>>
>>>>
>>>>
>>>>
>>>>>On a philosophical level then, I say there is a need for
>>
>>smart people to
>>
>>>>>build workable DRM that citizens can live with.
>>>>>
>>>>>The point issue of this technical group's mandate is
>>
>>much clearer IMO.
>>
>>>The
>>>
>>>>>core
>>>>>technology challenges for DRM are terminal node
>>
>>challenges, not network
>>
>>>>>challenges. Sure, a network is usually involved, but DRM
>>
>>is nothing
>>
>>>special
>>>
>>>>>for the network. DRM's basic network needs are nothing
>>
>>harder than
>>
>>>>>http/https over tcp/ip. And the terminal mode challenges
>>
>>are largely
>>
>>>about
>>>
>>>>>things like tamper-resistance, which are proprietary and not very
>>>
>>>amenable
>>>
>>>>>to
>>>>>standardization. It's not something where an IETF group
>>
>>adds much value.
>>
>>>>Right.  This is where the word "DRM" is I think a
>>
>>misnomer for the IETF
>>
>>>>efforts.  You are absolutely right, that DRM is indeed
>>
>>"terminal node
>>
>>>>challenges" (ie. development of rights-enforcing
>>
>>terminals), which is not
>>
>>>>the traditional area of work for the IETF.
>>>>
>>>>However, there some network issues that is part of what I
>>
>>call the "DRM
>>
>>>>macrocosm", which included functions relating to
>>
>>look-ups, secure network
>>
>>>>storage, transaction clearinghouse, etc.  These would appear to be
>>>
>>>suitable
>>>
>>>>for work items in the IETF.
>>>>
>>>>Thus, one possible change to IDRM is a new name that is
>>
>>less likely to be
>>
>>>>controversial.
>>>>
>>>>
>>>>
>>>>
>>>>>So where does that leave the group ? Seems to me the
>>
>>options include:
>>
>>>>>1) disband
>>>>>2) generalize the focus to a multidisciplinary one,
>>
>>along the lines of
>>
>>>>>http://www.bcdforum.org . (Though I have to confess I find that
>>>
>>>organization
>>>
>>>>>lacking substance.)
>>>>>3) Find specific technical problems that are obstacles
>>
>>to good (i.e.
>>
>>>>>effective but not Orwellian) DRM, which are going
>>
>>begging, and in scope,
>>
>>>>>and work on solutions.
>>>>>
>>>>>I don't have a top-of-mind suggestion for #3, but it
>>
>>sounds like the most
>>
>>>>>fun!
>>>>
>>>>Yes, the keyword is "fun".  Perhaps others on the list
>>
>>may have specific
>>
>>>>suggestions?
>>>>
>>>>cheers,
>>>>
>>>>thomas
>>>>------
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>>Other thoughts ???
>>>>>
>>>>>Best Regards,
>>>>>   Gord Larose
>>>>>
>>>>>----- Original Message -----
>>>>>From: "Mark Baugher" <mbaugher@cisco.com>
>>>>>To: <ietf-idrm@lists.elistx.com>
>>>>>Cc: <thardjono@yahoo.com>; "Vern Paxson" <vern@icir.org>
>>>>>Sent: Tuesday, December 10, 2002 6:43 PM
>>>>>Subject: [IDRM] Disband or recharter IDRM?
>>>>>
>>>>>
>>>>>>IDRM has obviously been dormant for about a year.
>>>>>>SNIP<
>>>>
>
>