Common use of Apple http live streaming Clause in Contracts

Apple http live streaming. The requirements in this section “Apple http live streaming” only apply if Apple http live streaming is used to provide the Content Protection System. 9.1. Licensee shall migrate from use of http live streaming (implementations of which are not governed by any compliance and robustness rules nor any legal framework ensuring implementations meet these rules) to use of an industry accepted DRM or secure streaming method which is governed by compliance and robustness rules and an associated legal framework, within a mutually agreed timeframe. 9.2. Http live streaming on iOS devices may be implemented either using applications or using the provisioned Safari browser. 9.3. The URL from which the m3u8 manifest file is requested shall be unique to each requesting client. 9.4. The m3u8 manifest file shall only be delivered to requesting clients/applications that have been authenticated in some way as being an authorized client/application. 9.5. The streams shall be encrypted using AES-128 encryption (that is, the METHOD for EXT-X-KEY shall be ‘AES-128’). 9.6. The content encryption key shall be delivered via SSL (i.e. the URI for EXT-X-KEY, the URL used to request the content encryption key, shall be a https URL). 9.7. Output of the stream from the receiving device shall not be permitted unless this is explicitly allowed elsewhere in the schedule. No APIs that permit stream output shall be used in applications (where applications are used). 9.8. The client shall NOT cache streamed media for later replay (i.e. EXT-X-ALLOW- CACHE shall be set to ‘NO’). 9.9. iOS implementations (either applications or implementations using Safari and Quicktime) of http live streaming shall use APIs within Safari or Quicktime for delivery and display of content to the greatest possible extent. That is, implementations shall NOT contain implementations of http live streaming, decryption, de-compression etc but shall use the provisioned iOS APIs to perform these functions. 9.10. iOS applications, where used, shall follow all relevant Apple developer best practices and shall by this method or otherwise ensure the applications are as secure and robust as possible. 9.11. iOS applications shall include functionality whith detects if the iOS device on which they execute has been “jailbroken” and shall disable all access to protected content and keys if the device has been jailbroken. Protection Against Hacking

Apple http live streaming. The requirements in this section “Apple http live streaming” only apply if Apple http live streaming is used to provide the Content Protection System. 9.110.1. The URL from which the m3u8 manifest file is requested shall be unique to each requesting client. 10.2. The m3u8 manifest file shall only be delivered to requesting clients/applications that have been authenticated in some way as being an authorized client/application. 10.3. The streams shall be encrypted using AES-128 encryption (that is, the METHOD for EXT-X-KEY shall be ‘AES-128’). 10.4. The content encryption key shall be delivered via SSL (i.e. the URI for EXT-X-KEY, the URL used to request the content encryption key, shall be a https URL). 10.5. The SSL connection used to obtain the content encryption key shall use both server and client authentication. The client key must be stored securely within the application using obfuscation or a similar method of protection. It is acceptable for the client key used for SSL client authentication to be the same for all instances of the application. 10.6. Output of the stream from the receiving device shall not be permitted unless this is explicitly allowed elsewhere in the schedule. No APIs that permit stream output shall be used in the application. 10.7. The client shall NOT cache streamed media for later replay (i.e. EXT-X-ALLOW-CACHE shall be set to ‘NO’). 10.8. iOS applications implementing http live streaming shall use APIs within Safari or Quicktime for delivery and display of content to the greatest possible extent. That is, applications shall NOT contain implementations of http live streaming, decryption, de-compression etc but shall use the provisioned iOS APIs to perform these functions. 10.9. iOS applications shall follow all relevant Apple developer best practices and shall by this method or otherwise ensure the applications are as secure and robust as possible. 10.10. Licensee shall migrate from use of http live streaming (implementations of which are not governed by any compliance and robustness rules nor any legal framework ensuring implementations meet these rules) to use of an industry accepted DRM or secure streaming method which is governed by compliance and robustness rules and an associated legal framework, within a mutually agreed timeframe. 9.2. Http live streaming on iOS devices may be implemented either using applications or using the provisioned Safari browser. 9.3. The URL from which the m3u8 manifest file is requested shall be unique to each requesting client. 9.4. The m3u8 manifest file shall only be delivered to requesting clients/applications that have been authenticated in some way as being an authorized client/application. 9.5. The streams shall be encrypted using AES-128 encryption (that is, the METHOD for EXT-X-KEY shall be ‘AES-128’). 9.6. The content encryption key shall be delivered via SSL (i.e. the URI for EXT-X-KEY, the URL used to request the content encryption key, shall be a https URL). 9.7. Output of the stream from the receiving device shall not be permitted unless this is explicitly allowed elsewhere in the schedule. No APIs that permit stream output shall be used in applications (where applications are used). 9.8. The client shall NOT cache streamed media for later replay (i.e. EXT-X-ALLOW- CACHE shall be set to ‘NO’). 9.9. iOS implementations (either applications or implementations using Safari and Quicktime) of http live streaming shall use APIs within Safari or Quicktime for delivery and display of content to the greatest possible extent. That is, implementations shall NOT contain implementations of http live streaming, decryption, de-compression etc but shall use the provisioned iOS APIs to perform these functions. 9.10. iOS applications, where used, shall follow all relevant Apple developer best practices and shall by this method or otherwise ensure the applications are as secure and robust as possible. 9.11. iOS applications shall include functionality whith detects if the iOS device on which they execute has been “jailbroken” and shall disable all access to protected content and keys if the device has been jailbroken. Protection Against Hacking

Apple http live streaming. The requirements in this section ““ Apple http live streaming” only apply if Apple http live streaming is used to provide the Content Protection System. 9.110.1. The URL from which the m3u8 manifest file is requested shall be unique to each requesting client. 10.2. The m3u8 manifest file shall only be delivered to requesting clients/applications that have been authenticated in some way as being an authorized client/application. 10.3. The streams shall be encrypted using AES-128 encryption (that is, the METHOD for EXT-X-KEY shall be ‘AES-128’). 10.4. The content encryption key shall be delivered via SSL (i.e. the URI for EXT-X-KEY, the URL used to request the content encryption key, shall be a https URL). 10.5. The SSL connection used to obtain the content encryption key shall use both server and client authentication. The client key must be stored securely within the application using obfuscation or a similar method of protection. It is acceptable for the client key used for SSL client authentication to be the same for all instances of the application. 10.6. Output of the stream from the receiving device shall not be permitted unless this is explicitly allowed elsewhere in the schedule. No APIs that permit stream output shall be used in the application. 10.7. The client shall NOT cache streamed media for later replay (i.e. EXT-X-ALLOW-CACHE shall be set to ‘NO’). 10.8. iOS applications implementing http live streaming shall use APIs within Safari or Quicktime for delivery and display of content to the greatest possible extent. That is, applications shall NOT contain implementations of http live streaming, decryption, de- compression etc but shall use the provisioned iOS APIs to perform these functions. 10.9. iOS applications shall follow all relevant Apple developer best practices and shall by this method or otherwise ensure the applications are as secure and robust as possible. 10.10. Licensee shall migrate from use of http live streaming (implementations of which are not governed by any compliance and robustness rules nor any legal framework ensuring implementations meet these rules) to use of an industry accepted DRM or secure streaming method which is governed by compliance and robustness rules and an associated legal framework, within a mutually agreed timeframe. 9.2. Http live streaming on iOS devices may be implemented either using applications or using the provisioned Safari browser. 9.3. The URL from which the m3u8 manifest file is requested shall be unique to each requesting client. 9.4. The m3u8 manifest file shall only be delivered to requesting clients/applications that have been authenticated in some way as being an authorized client/application. 9.5. The streams shall be encrypted using AES-128 encryption (that is, the METHOD for EXT-X-KEY shall be ‘AES-128’). 9.6. The content encryption key shall be delivered via SSL (i.e. the URI for EXT-X-KEY, the URL used to request the content encryption key, shall be a https URL). 9.7. Output of the stream from the receiving device shall not be permitted unless this is explicitly allowed elsewhere in the schedule. No APIs that permit stream output shall be used in applications (where applications are used). 9.8. The client shall NOT cache streamed media for later replay (i.e. EXT-X-ALLOW- CACHE shall be set to ‘NO’). 9.9. iOS implementations (either applications or implementations using Safari and Quicktime) of http live streaming shall use APIs within Safari or Quicktime for delivery and display of content to the greatest possible extent. That is, implementations shall NOT contain implementations of http live streaming, decryption, de-compression etc but shall use the provisioned iOS APIs to perform these functions. 9.10. iOS applications, where used, shall follow all relevant Apple developer best practices and shall by this method or otherwise ensure the applications are as secure and robust as possible. 9.11. iOS applications shall include functionality whith detects if the iOS device on which they execute has been “jailbroken” and shall disable all access to protected content and keys if the device has been jailbroken. Protection Against Hacking

Apple http live streaming. The requirements in this section “Apple http live streaming” only apply if Apple http live streaming is used to provide the Content Protection System. Apple http live streaming is only permitted if secured by Verimatrix VCAS3.0. 9.110.1. Licensee shall migrate from use of http live streaming (implementations of which are not governed by any compliance and robustness rules nor any legal framework ensuring implementations meet these rules) to use of an industry accepted DRM or secure streaming method which is governed by compliance and robustness rules and an associated legal framework, within a mutually agreed timeframe. 9.210.2. Http live streaming on iOS devices may be implemented either using applications or using the provisioned Safari browser. 9.310.3. The URL from which the m3u8 manifest file is requested shall be unique to each requesting client.[intentionally omitted] 9.410.4. The m3u8 manifest file shall only be delivered to requesting clients/applications that have been authenticated in some way as being an authorized client/application. 9.510.5. The streams shall be encrypted using AES-128 encryption (that is, the METHOD for EXT-X-KEY shall be ‘AES-128’). 9.610.6. The content encryption key shall be delivered via SSL (i.e. the URI for EXT-X-KEY, the URL used to request the content encryption key, shall be a https URL). 9.710.7. Output of the stream from the receiving device shall not be permitted unless this is explicitly allowed elsewhere in the schedule. No APIs that permit stream output shall be used in applications (where applications are used). 9.810.8. The client shall NOT cache streamed media for later replay (i.e. EXT-X-ALLOW- ALLOW-CACHE shall be set to ‘NO’). 9.910.9. iOS implementations (either applications or implementations using Safari and Quicktime) of http live streaming shall use APIs within Safari or Quicktime for delivery and display of content to the greatest possible extent. That is, implementations shall NOT contain implementations of http live streaming, decryption, de-compression etc but shall use the provisioned iOS APIs to perform these functions. 9.1010.10. iOS applications, where used, shall follow all relevant Apple developer best practices and shall by this method or otherwise ensure the applications are as secure and robust as possible. 9.11. iOS applications shall include functionality whith detects if the iOS device on which they execute has been “jailbroken” and shall disable all access to protected content and keys if the device has been jailbroken. Protection Against Hacking