#1082: [wg/media] Media Working Group Charter

Visit on Github.

Opened Apr 18, 2025

This issue was created because the 'horizontal review requested' label was added to § https://github.com/w3c/strategy/issues/504

This review is requested prior to the Advisory Committee Review.

New charter proposal, reviewers please take note.

Charter Review

This is an existing WG recharter

Communities suggested for outreach

None in particular. Through group participation, agenda topics, and joint meetings, the Media WG has regular exchanges with the WebRTC Working Group, the Timed Text Working Group and the Media & Entertainment Interest Group (which, in turn, exchanges on media topics with a number of external organizations).

Known or potential areas of concern

Where would charter proponents like to see issues raised? On the w3c/charter-media-wg issue tracker

Anything else we should think about as we review?

The draft charter mentions two additional issues in the description of the work planned on the Encrypted Media Extensions deliverable. These are more "maintenance" than "new features" but it seemed worth expliciting given that the scope of work on EME remains restricted.

The WebCodecs section also describes planned work to give applications the ability to use an HTMLMediaElement and buffering mechanisms defined in Media Source Extensions (MSE) to achieve adaptive playback of media that originates from WebCodecs structures, including creating a way to represent encrypted audio/video chunks within WebCodecs so that playback can leverage EME.

By itself, the possibility to represent encrypted audio/video chunks in WebCodecs does not extend EME in any way (and EME will not need to be updated at all for that). In a typical scenario, an encrypted encoded media chunk (EncodedAudioChunk or EncodedVideoChunk) will be passed to MSE and connected to a <video> element. Playback of the encrypted content will then handled by EME, as for any other encrypted content that reaches a <video> element.

By definition, encrypted media chunks cannot be decoded as-is into a raw VideoFrame, although the spec does not preclude creating an "opaque" VideoFrame. If implementations supported this, such a VideoFrame could perhaps in turn perhaps be used in other scenarios. Here is an analysis of these other scenarios to help reviewers grasp the ins and outs of the proposal:

  1. A VideoFrame can be injected into a <video> element through a VideoTrackGenerator. With encrypted chunks, this would achieve the same thing as connecting it to a <video> through MSE+EME (apps would have to handle the buffering themselves, but that's orthogonal to encryption).
  2. A VideoFrame can be directly injected into a <canvas> element. Injecting an encrypted VideoFrame into a <canvas> will not work out of the box since that would de facto reveal the bytes. The concept of a "tainted canvas", used for cross-origin content, could perhaps be extended for encrypted VideoFrames. For that to work, EME would also need to be integrated to <canvas>. If all that happens, this would make it easier to apply content protection to still images, but this is actually already doable in practice, see discussion in https://github.com/w3c/webcodecs/issues/41#issuecomment-2739895730
  3. A VideoFrame can be imported as external texture into WebGL and WebGPU pipelines. As with <canvas>, injecting an encrypted VideoFrame will simply not work today because these pipelines do not have provisions for encrypted content, and would require significant work on the APIs and implementations. Should WebGL and WebGPU decide to add support for content protected textures, they would likely want to leverage encrypted structures that can more directly be used as textures than VideoFrame in any case.

Cc @chrisn, @marcoscaceres.

Charter facilitator(s)

cc @tidoust

Discussions

Log in to see TAG-private discussions.

Discussed May 5, 2025 (See Github)

Jeffrey: Lola looked at it and pointed out we have no guidance on reviewing charters.

Lola: Question I have: all of this stuff about what to account for in terms of changes to the specs, it felt out of remit for a charter review, as it's not a spec review. I feel like you can charter what you want, and when the spec comes to us for design review, we can say yes/no, point things out that they should keep an eye on (e.g. EME). I feel like a charter feels like a level above that.

Yves: There are things in the charter review that'll be screened by the Team, so for the TAG the scope is mostly the deliverables: do they make sense? I mean in general, to the architecture of the web. Focus on deliverables to limit the time needed on the reviews.

DanA: also we comment on the liaisons and that for example if there is other work in or out of W3C they should be referencing / coordinating with

Lola: It's hard to comment on the deliverables; they seem realistic to me, but the parts about the EME... in response to your comment Jeffrey about EME ... @@@

Jeffrey: My comment aims to warn them that we'll be focusing on this when we review their specs - in other cases, not enough people said they were worried about the deliverables at charter review. We need to ensure that we raise concerns earlier in the process.

Lola: Understood; I can use what was in your comment and close the issue.

Jeffrey: First, just checking with the group that I wasn't off-base.

DanA: Concerned, as anything with EME is a lightning rod for criticism.

Jeffrey: I would be willing to get hit by the lightning.

Lola: What are the concerns around EME?

DanA: It's DRM, and was highly controversial at launch.

Hadley: Challenging due to putting things into the web that are not completely open, but also challenging architecturally because it was specifying an API through which encrypted media would pass, but not what happens at either end. Were we drawing the boundaries of the web too small? Those sorts of questions.

Jeffrey: I'll draft a reply and run it past us. I think it's our job to take a stand and explain why EME is OK and what constraints there are on its evolution.

DanA: When this was being worked on, TAG issued a post saying there was a need for additional scrutiny, around the DMCA and the role researchers may play. That direction was not ultimately fully explored. I don't know that we need to say things that are pro-EME, but we could say that given EME exists, this seems reasonable.

Jeffrey: I don't mean we need to say EME is fine, but there's a way that it fits in to the architecture. There's a sentence in the UA doc that explains why, to which we can refer. Your mention of the security aspect reminds me that the security IG is looking at adopting the doc based on that TAG post "Security disclosures best practices" - i.e. companies should not sue security researchers.

DanA: The non-action by W3C on that point was [one reason] why EFF left W3C.

Discussed May 12, 2025 (See Github)

Jeffrey: I left a proposed comment in private brainstorming that discusses the EME question. Martin suggested some edits. I don't have a strong opinion.

DanA: I support the section up until 'when considering new capabilities'. I'm happy with just posting that if that's what we have consensus on.

Lola: I'm happy to go with what everyone else goes with, but I do think there's a benefit to keeping the second part because a charter review is like an early intervention in case we identify things that could be issues down the line. I think the part Martin's suggesting to cut out is doing that - to ensure people are mindful of aspects that could be important in future. I think we have a responsibility to say something.

Jeffrey: I was thinking that we should tell them about the kinds of things that end users might want to get. I'm not particularly tied to saying 'fair use' but it would be nice to say something.

Lola: Agree.

DanA: How about a concise sentence that captures what Lola said? Something that urges care, or 'we urge you to take care when building new facilities on EME' ... @@

Jeffrey: I could also mention 'fair dealing' which is the UK and many other countries' version.

DanA: I'm suggesting not mentioning it specifically at all.

Jeffrey: I'd like to emphasise offsetting the downsides of EME.

DanA: Could you draft a new version of the comment and call Martin's attention to it and see if we can get his agreement on it? I think the consensus here is we'd like to say more than the first part. I think it would be stronger with a bit more info.

Jeffrey: Draft copied into minutes below and edited to remove the mention of 'fair use' and 'security reseearch'.

<blockquote>

Thank you for sending this to us. We don't have any concerns about the charter update, but given the ideas about extending EME, we wanted to give a sense of how the TAG will think about any such extensions.

We see EME as a bargain struck between the web's users and content owners, with web browsers negotiating on their users' behalf. The content of this bargain is still controversial, even 8 years later. We're not taking a position on whether that bargain was justified at the time, but we do think that the web's users deserve their representatives to keep negotiating hard for better bargains in the future. We shouldn't just give away new ways to use EME without ensuring that end users are getting something valuable in return. We urge you to take care when extending EME. When considering new capabilities, there should be some clear body of content that would stay off the web without that capability, and that content should be valuable enough to offset the downsides of EME. If the content itself would likely just be offered in a way that's less convenient for its owners, those owners could instead offer something else of value to the web's users.

Thanks again for continuing to improve media on the web. ✨

</blockquote>

DanA: I think this works for me.

Jeffrey: I'll post it back to the thread and double-check.

DanA: Want to make sure Martin has an opportunity to weigh in.