ISDCF is rightly and finally taking a look at the security key management process for theatres. This is taking place largely at the request of Disney and Paramount, although they appear to have the interest of their peers.
The so-called TDL, which stands for “Trusted Device List,” is legendary if not mythical. It is supposed to hold all data pertaining to digital cinema equipment, including its digital security certificates and its location. Studios like to talk about a centralized TDL, but of course, there’s no one willing to pay for such a thing. Then there’s the subject of authenticity, for which no process that would pertain to such lists is defined. This leaves one to recognize that these lists aren’t really “trustable,” but simply device lists representative of what’s in the field.
For a list to be trusted, there has to be an authentication process. Such process would determine if the equipment is valid. This requires a neutral authority and a set of rules by which authentication takes place. If left to distributors or exhibitors, an authentication process would be subject to gaming for one’s business interests. I.e., if an exhibitor is behind in payments to a distributor, there should be no temptation to label the equipment as “untrusted,” effectively disabling the exhibitor from showing future movies.
It is good news that distribution execs finally recognize that the current system – which is essentially no system at all – doesn’t work. The challenge is funneling this new energy into a productive outcome. Looking at the notes from the last ISDCF meeting on this topic, the meeting didn’t even get close to the topic of “how to.”
While ISDCF has been involved in work for well over a year on an elegant messaging system utilizing a message envelope called Cinema Control Message (CCM), the work is slow and closed in nature. ISDCF has not reached out to the Europeans, South Americans, or Australians that are without representative offices in Los Angeles but equally in need of this work. In addition, this work has yet to be passed on to SMPTE for standardization. In short, CCM is not the near-term solution.
The two important pieces of data that studios want to move from exhibition booths to outside entities is the SMPTE Facility List Message (FLM) and security logs. Just as KDMs (Key Delivery Messages) find their way to exhibitors without standardized ways of doing so, FLMs and logs will find their way to the right entities. The crux of the problem is that there are no software utilities today provided by the server companies to generate FLMs and logs from their products. This needs to be fixed. Once generated, the data could be emailed, or, if one were to underscore one of the absurdities of the DCI spec, it could be modemed. Imagine that – exhibitors requiring studios to install modems. Now there’s an idea.
