Securing WebM Video
Supporting real DRM is not required per se. It might be more about offering publishers different ways to protect video content. In the end there's a tradeoff between decent content protection ánd a decent way for users to legidly access the content (cross-platform, fair prices, etc).
That said, there seem to be three general mechanisms for content protection:
- URL signing (all CDNs? / Flumotion): The URL to a video is signed with an SHA1? digest that includes geo, ip, time, referrer or user-agent restrictions. Protects good against leeching but not really against downloading. Implementation is easy (small module / script) and solely serverside.
get video data using websockets » decrypt data » use something like videoTag.append(videoData).
- Rights management (PlayReady?, FlashAccess?): Individual client access to individual files is centrally managed. Protects good against both leeching and downloading; access can even be revoked. Client-side work is needed, probably inside the UA since the JS layer can be easily compromised. Serverside work is needed too, since there's no "open DRM" server available (contradictio in terminis?).