Schedule for key rotation

[melads]

Hi,
SPEKE only uses the ContentKeyPeriod@index for key rotation and not the start and end attributes. This creates issues to license servers that would like to be aware of key rotation schedule. This is needed for example to enable application to pre-fetch keys at specific times. More generally, this feature can assist license servers to provide licenses with their knowledge of what key needs to be delivered, without waiting for the player to read the keyID from the manifest.

Is there an assumption that the encryptor and not the key server manages the key rotation schedule?
If so, there needs to be a way to query the encryptor's schedule to understand which periodId/index will be applicable at any given time. I know this is out of SPEKE scope, but the issue can be solved within SPEKE.

If the key server would manage the key rotation schedule, it would be able to provide the encryptor with the keys, period index and time to do the key rotation as part of the CPIX response. It would also be able to serve keys with time information to the license server.

Can this be somehow introduced into SPEKE?

Thanks,
M

[nicoweilelemental]

Same answer as last year: SPEKE roadmap discussions usually happen though the SPEKE Partners program or the DASH-IF Security taskforce. If you are not in these two circles, please reach out by DM to me (Nicolas Weil) on video-dev slack.