After a two year self-imposed moratorium on changes to its spec, DCI released 26 “errata” to the DCI Specification this month. While many of these changes are clarifications or more editorial in nature, some very significant changes were made. These can be broadly classified in four areas:
- Elimination of the modem
- Selective forensic marking of audio
- New criteria for in-projector media blocks
- Dual-certificate implementation to meet new NIST rules
The elimination of the modem for KDM transmission is old news, as the requirement has disappeared from more recent deployment agreements. Its primary perpetrator, Fox, has been promoting networked based management of security for about a year, a far more enlightened approach from the use of archaic telephone modems. But it’s still good to see it confirmed, at last.
Anti-piracy efforts are pushing for the forensic marking of audio. It’s said that this marking audibly degrades quality, but we digress. In the world of piracy, image and sound are often pirated from different sources and later married to produce the complete stolen copy. Image marking is common, and there has been much success in learning the patterns of, and indeed, in capturing, pirates. But marking has not been turned on for audio, and enforcement efforts want it turned on.
A problem with marking audio is that not all audio tracks are used for audio. In recent years, motion seats have been introduced, for which a control signal is recorded on the audio track. Marking an audio track carrying digital control data will destroy the data. The solution that DCI prescribes in its new errata is the introduction of a flag that instructs the media block to not mark audio tracks whose track number is above a certain count. This works when the channel locations are prescribed, as they are today. But how this will play out when audio channel labeling is introduced remains to be seen, as labeling no longer requires specific channel locations in the track file.
In-projector media blocks were envisioned when the DCI spec was first introduced, and have always been included in the spec. But details tend to surface once implementation of a new technology begins, and in-projector media blocks have been no exception. An example of unanticipated behavior addressed by the errata is to block the decryption functions of an in-projector media block when operated outside of the projector.
Population of the KDM DeviceList requires knowledge of projector security certificates. Up until now, DCI had not specified a uniform command for pulling such information from the projector. With this errata, the GetProjCert command is introduced. With studios such as Fox now working to populate Facility List Messages (FLMs) with projector certificates, the need for a shared method among projector manufacturers is no doubt appreciated. But it’s not clear why DCI chose to add this to its spec without a companion command to pull the certificate(s) from the media block.
The new errata also introduces the concept of two security certificates in the media block. Two certificates are now required in new media block designs to meet new FIPS 140 rules imposed by NIST. A description of how the two certificates are utilized and tracked was given in an earlier report. The new errata prescribes how the 2nd certificate is to be tracked using the security log. Note that the method adopted by DCI does not impose any changes on the use of the SMPTE KDM.