Common use of Generic Streaming Requirements Clause in Contracts

Generic Streaming Requirements. The requirements in this section 7 apply in all cases where streaming is supported. Streams shall be encrypted using AES 128 (as specified in NIST FIPS-197) or other robust, industry-accepted algorithm with a cryptographic strength and key length such that it is generally considered computationally infeasible to break. Encryption keys shall not be delivered to clients in a cleartext (un-encrypted) state. The integrity of the streaming client shall be verified by the streaming server before commencing delivery of the stream to the client. Licensee shall use a robust and effective method (for example, short-lived and individualized URLs for the location of streams) to ensure that streams cannot be obtained by unauthorized users. Flash Streaming Requirements The requirements in this section ‎7 only apply if the Adobe Flash product is used to provide the Content Protection System. Adobe RTMPE is approved for streaming using the following Adobe product versions or later: Client side: Flash Player 10.0.22 Server side: FMS 3.51 and FMS 3.03 Licensee will make reasonable commercial efforts to stay up to date with the “then current” versions of the above Adobe products. Progressive downloading of licensed content is prohibited. Flash Encoded Content (including FLV and F4V file formats) must be streamed using Adobe RTMP-E protocol. Flash servers shall be configured such that RTMP-E is enabled, and RTMP is disabled. No content shall be available through both RTMP and RTMP-E. Flash Media Servers shall be configured such that SWF Verification is enabled. Licensee’s and/or its designated CDN shall implement “Token Authentication”, i.e. mechanism that creates a short-lived URL (approx 3-5 minutes) for content by distributing a “token” to the client only at such a time it is authorized to receive the VOD Stream. Licensee must migrate from RTMP-E (stream encryption) to Adobe DRM i.e. Flash Media Rights Management Server successor “Flash Access 2.0” (file-based encryption) or other DRM approved by Licensor in writing within 6 months of the commercial launch of Flash Access 2.0 or such other time as agreed to by the parties and be in full compliance with all content protection provisions herein;. Licensee must make reasonable commercial efforts to comply with Adobe compliance and robustness rules for Flash Server products at such a time when they become widely commercially available.

Generic Streaming Requirements. The requirements in this section 7 apply in all cases where streaming is supported. Streams shall be encrypted using AES 128 (as specified in NIST FIPS-197) or other robust, industry-accepted algorithm with a cryptographic strength and key length such that it is generally considered computationally infeasible to break. Encryption keys shall not be delivered to clients in a cleartext (un-encrypted) state. The integrity of the streaming client shall be verified by the streaming server before commencing delivery of the stream to the client. Licensee shall use a robust and effective method (for example, short-lived and individualized URLs for the location of streams) to ensure that streams cannot be obtained by unauthorized users. Flash Streaming Requirements The requirements in this section ‎7 8 only apply if the Adobe Flash product is used to provide the Content Protection System. Adobe RTMPE is approved for streaming using the following Adobe product versions or later: Client side: Flash Player 10.0.22 Server side: FMS 3.51 and FMS 3.03 Licensee will make reasonable commercial efforts to stay up to date with the “then current” versions of the above Adobe products. Progressive downloading of licensed content is prohibited. Flash Encoded Content (including FLV and F4V file formats) must be streamed using Adobe RTMP-E protocol. Flash servers shall be configured such that RTMP-E is enabled, and RTMP is disabled. No content shall be available through both RTMP and RTMP-E. Flash Media Servers shall be configured such that SWF Verification is enabled. Licensee’s and/or its designated CDN shall implement “Token Authentication”, i.e. mechanism that creates a short-lived URL (approx 3-5 minutes) for content by distributing a “token” to the client only at such a time it is authorized to receive the VOD Stream. Licensee must migrate from RTMP-E (stream encryption) to Adobe DRM i.e. Flash Media Rights Management Server successor “Flash Access 2.0” (file-based encryption) or other DRM approved by Licensor in writing within 6 months of the commercial launch of Flash Access 2.0 or such other time as agreed to by the parties and be in full compliance with all content protection provisions herein;. Licensee must make reasonable commercial efforts to comply with Adobe compliance and robustness rules for Flash Server products at such a time when they become widely commercially available. Microsoft Silverlight The requirements in this section 9 only apply if the Microsoft Silverlight product is used to provide the Content Protection System. Microsoft Silverlight is approved for streaming if using Silverlight 2 or later version. When used as part of a streaming service only (with no download), Playready licenses shall only be of the the SimpleNonPersistent license class. Within 6 months of the commercial launch of Silverlight 4, Licensee shall migrate to Silverlight 4 and be in full compliance with all content protection provisions herein or;. Within 6 months of the commercial launch of Silverlight 4, Licensee shall migrate to alternative, Licensor-approved DRM/streaming protection technology in full compliance with content protection requirements herein. Protection Against Hacking54 Any system used to protect Licensed Content must support the following: Playback licenses, revocation certificates, and security-critical data shall be cryptographically protected against tampering, forging, and spoofing. The Content Protection System shall employ industry accepted tamper-resistant technology on hardware and software components (e.g., technology to prevent such hacks as a clock rollback, spoofing, use of common debugging tools, and intercepting unencrypted content in memory buffers). The Content Protection System shall be designed, as far as is commercially and technically reasonable, to be resistant to “break once, break everywhere” attacks. The Content Protection System shall employ tamper-resistant software. Examples of tamper resistant software techniques include, without limitation: Code and data obfuscation: The executable binary dynamically encrypts and decrypts itself in memory so that the algorithm is not unnecessarily exposed to disassembly or reverse engineering.

Generic Streaming Requirements. The requirements in this section 7 7. apply in all cases where streaming is supported. Streams shall be encrypted using AES 128 (as specified in NIST FIPS-197) or other robust, industry-accepted algorithm with a cryptographic strength and key length such that it is generally considered computationally infeasible to break. Encryption keys shall not be delivered to clients in a cleartext (un-encrypted) state. The integrity of the streaming client shall be verified by the streaming server before commencing delivery of the stream to the client. Licensee shall use a robust and effective method (for example, short-lived and individualized URLs for the location of streams) to ensure that streams cannot be obtained by unauthorized users. Flash Streaming Requirements The requirements in this section ‎7 8. only apply if the Adobe Flash product is used to provide the Content Protection System. Adobe RTMPE is approved for streaming using the following Adobe product versions or later: Client side: Flash Player 10.0.22 Server side: FMS 3.51 and FMS 3.03 Licensee will make reasonable commercial efforts to stay up to date with the “then current” versions of the above Adobe products. Progressive downloading of licensed content is prohibited. Flash Encoded Content (including FLV and F4V file formats) must be streamed using Adobe RTMP-E protocol. Flash servers shall be configured such that RTMP-E is enabled, and RTMP is disabled. No content shall be available through both RTMP and RTMP-E. Flash Media Servers shall be configured such that SWF Verification is enabled. Licensee’s and/or its designated CDN shall implement “Token Authentication”, i.e. mechanism that creates a short-lived URL (approx 3-5 minutes) for content by distributing a “token” to the client only at such a time it is authorized to receive the VOD Stream. Licensee must migrate from RTMP-E (stream encryption) to Adobe DRM i.e. Flash Media Rights Management Server successor “Flash Access 2.0” (file-based encryption) or other DRM approved by Licensor in writing within 6 months of the commercial launch of Flash Access 2.0 or such other time as agreed to by the parties and be in full compliance with all content protection provisions herein;. Licensee must make reasonable commercial efforts to comply with Adobe compliance and robustness rules for Flash Server products at such a time when they become widely commercially available. Microsoft Silverlight The requirements in this section 9. only apply if the Microsoft Silverlight product is used to provide the Content Protection System. Microsoft Silverlight is approved for streaming if using Silverlight 2 or later version. When used as part of a streaming service only (with no download), Playready licenses shall only be of the the SimpleNonPersistent license class. Within 6 months of the commercial launch of Silverlight 4, Licensee shall migrate to Silverlight 4 and be in full compliance with all content protection provisions herein or;. Within 6 months of the commercial launch of Silverlight 4, Licensee shall migrate to alternative, Licensor-approved DRM/streaming protection technology in full compliance with content protection requirements herein. Protection Against Hacking Any system used to protect Licensed Content must support the following: Playback licenses, revocation certificates, and security-critical data shall be cryptographically protected against tampering, forging, and spoofing. The Content Protection System shall employ industry accepted tamper-resistant technology on hardware and software components (e.g., technology to prevent such hacks as a clock rollback, spoofing, use of common debugging tools, and intercepting unencrypted content in memory buffers). The Content Protection System shall be designed, as far as is commercially and technically reasonable, to be resistant to “break once, break everywhere” attacks. The Content Protection System shall employ tamper-resistant software. Examples of tamper resistant software techniques include, without limitation: Code and data obfuscation: The executable binary dynamically encrypts and decrypts itself in memory so that the algorithm is not unnecessarily exposed to disassembly or reverse engineering.

Generic Streaming Requirements. The requirements in this section 7 apply in all cases where streaming is supported. Streams shall be encrypted using AES 128 (as specified in NIST FIPS-197) or other robust, industry-accepted algorithm with a cryptographic strength and key length such that it is generally considered computationally infeasible to break. Encryption keys shall not be delivered to clients in a cleartext (un-encrypted) state. The integrity of the streaming client shall be verified by the streaming server before commencing delivery of the stream to the client. Licensee shall use a robust and effective method (for example, short-lived and individualized URLs for the location of streams) to ensure that streams cannot be obtained by unauthorized users. Flash Streaming Requirements The requirements in this section ‎7 8 only apply if the Adobe Flash product is used to provide the Content Protection System. Adobe RTMPE is approved for streaming using the following Adobe product versions or later: Client side: Flash Player 10.0.22 Server side: FMS 3.51 and FMS 3.03 Licensee will make reasonable commercial efforts to stay up to date with the “then current” versions of the above Adobe products. Progressive downloading of licensed content is prohibited. Flash Encoded Content (including FLV and F4V file formats) must be streamed using Adobe RTMP-E protocol. Flash servers shall be configured such that RTMP-E is enabled, and RTMP is disabled. No content shall be available through both RTMP and RTMP-E. Flash Media Servers shall be configured such that SWF Verification is enabled. Licensee’s and/or its designated CDN shall implement “Token Authentication”, i.e. mechanism that creates a short-lived URL (approx 3-5 minutes) for content by distributing a “token” to the client only at such a time it is authorized to receive the VOD Stream. Licensee must migrate from RTMP-E (stream encryption) to Adobe DRM i.e. Flash Media Rights Management Server successor “Flash Access 2.0” (file-based encryption) or other DRM approved by Licensor in writing within 6 months of the commercial launch of Flash Access 2.0 or such other time as agreed to by the parties and be in full compliance with all content protection provisions herein;. Licensee must make reasonable commercial efforts to comply with Adobe compliance and robustness rules for Flash Server products at such a time when they become widely commercially available.