4

We want to add DRM encryption in our content and want to know if its actually feasible to have our own DRM server or should go with third party ? Also if feasible can we implement all 3 fairplay, playready, widevine ?

rishabh goel
  • 41
  • 3

1 Answers1

3

It is feasible in theory - companies have done that. It is, however, quite a lot of work... think about:

  • User authentication: is user XYZ a valid subscriber, whatever that means?
  • Entitlement management: does user XYZ have a right to access movie "The Hangover"? And if so, is it for a limited time? Are they allowed to view it in 4K? Can the output go via HDMI and if so, which HDCP version? Etc... All these things are spelled out in the studios license agreement, and therefore need to be enforced.
  • Keeping the server key material up to date: keeping the various server certificates up to date by dealing directly with Apple, Microsoft, Google; ensure reasonable key rotation, etc.
  • Interfacing with media encoders: you probably have a streaming server powered by an encoder (AWS Elemental, Harmonic, Bitmovin, etc.), which means you need to ensure the license servers share key material with the encoder, so that the stream gets protected with the correct key. Again, think about key rotation, especially for live events.

I could go on for a while, but this should give a hint of the extra effort involved when running it by yourself as opposed to licensing a pre-packaged multi-DRM solution.

Guido Domenici
  • 5,146
  • 2
  • 28
  • 38
  • I too want to implement our own DRM license server. What do you mean with "Keeping the server key material up to date" here? Im completely new on the domain and probably have much to learn so one of my question: can I implement for example a Playready or Widevine license issuer independently of anything from Microsoft or Google? is there any guideline you might know for that? Im actually struggling with playready and widevine now as they basically require a license server. here is an opensource project Im using as foundation https://github.com/willkk/opendrm – irzhy Dec 04 '22 at 15:25
  • 1
    @irzhy about your question "can I implement for example a Playready or Widevine license issuer independently of anything from Microsoft or Google?" The answer is, not as far as I know... it's kind of a closed system. There are good cryptographic reasons for that (in a nutshell - the trusted DRM clients need to validate the server's responses against a known root cert, which is Microsoft's or Google's) – Guido Domenici Dec 06 '22 at 14:42
  • thank you for these insights, very helpful – irzhy Dec 07 '22 at 15:17