by pornel 1547 days ago
There's more to it. The EME API is useless without the undocumented proprietary plug-in side (called CDM in the spec). It has no technical purpose. It's only to "standards-wash" an entirely closed DRM by Google (and everyone else's proprietary DRMs).

The spec contains diagrams and descriptions that have been acknowledged by its authors to be factually incorrect. EME pretends to be an in-browser thing, rather than hardware+kernel "hard" DRM. The spec proponents stated that they'll never use the scheme in the spec, and the "hard" DRM is the key feature they're after.

There have been a lot of process shenanigans: e.g. during likely the biggest disagreement in the history of W3C, the chair of the HTML WG announced that there is a consensus in the group about EME, and it can proceed further. Then the EME part was moved out of the public HTML WG to a closed-door group.

So it wasn't merely Google+Netflix saying "we'll do it anyway". It was a subversion and corruption of the W3C itself.

1 comments

"Standards-wash" is such an odd phrase.

If I need to build an HTML parser in a world with proprietary CDM, I sure as hell prefer that CDM to declare itself in a standardized way than to have my parser need to handle non-standardized content declarations. Having a standard benefits even user agents that don't plan to support the feature.

It doesn't work as you imagine. You can't use the EME spec for anything. It is equivalent to saying Flash is a Web Standard, because the spec says you invoke it with <object type="flash"> with no further details (which is less than NPAPI that actual Flash used to use).

The spec, both for browser developers and site authors, is completely impossible to use without a secret unspecified component. EME CDM isn't even a real component, but a spec placeholder for arbitrary vendor-specific code that has no standard API, and intentionally never will.

That secret component is for all practical purposes absolutely necessary and implements 99% of the functionality. The only key exchange scheme described in EME is a deliberate misdirection, and it's not used by anyone.

I can't emphasize enough how sleazy EME is. Google and Netflix have devised and documented a key exchange scheme nobody asked for, nobody uses, and even they have explicitly said they will never use it. The only purpose of this spec is to merely exist, so that DRM vendors like Google can exploit the confusion to say their closed proprietary DRM, which is not in the spec, and doesn't even work the way the spec describes DRMs, is somehow a standard.

(I was an Invited Expert in the W3C HTML Working Group when this spec was being written)