Assuming the files are encrypted anyway for DRM reasons: why should static content like movies be TLSed? I know I know, "TLS all the things", but it sounds like a high cost at Netflix scale.
I would have thought this would have originally been driven by wanting to prevent a browser mixed content warning given that something like 15% of Netflix viewing happens in browsers (and the browser warnings switched to blocking in 2020 [Chromium] and 2024 [WebKit/Gecko]).
@drewg123 starts discussing this section at 4:21 in the presentation: https://www.youtube.com/watch?v=WzfADu1qyAM&t=261 ("we had this mandate that we had to start encrypting communications between our servers and our clients")
However, I wonder if the mandate was led by Apple. It looks like it was 2015 (at iOS 9.0 / macOS 10.11) that Apple began requiring that network connections made by apps use TLS. While exceptions are allowed, they are discouraged and require a justification for App Store review: https://developer.apple.com/documentation/security/preventin...
Browser behavior like mixed content warnings (and a clear slide towards discouraging all non-HTTPS traffic) was the impetus for us at Twitch to TLS all our video in the mid-2010s. Mixed content delivery on a website would, I think, also fall below the bar for doing certain kinds of commerce, and ejecting people from your webapp to a separate payment flow discourages spending.
I refused to connect my TV to the internet and use a Vero V for all of my watching needs. The Vero V is absolutely worse than most other experiences, but I'm happy.
It seems like it took engineering work, but TLS isn't their bottleneck when the data flow is structured correctly for the hardware (which is kind of the thesis of a lot of the Netflix CDN node optimization stuff).
@drewg123 starts discussing this section at 4:21 in the presentation: https://www.youtube.com/watch?v=WzfADu1qyAM&t=261 ("we had this mandate that we had to start encrypting communications between our servers and our clients")
Netflix announced the change in 2016, citing viewer privacy from eavesdropping: https://netflixtechblog.com/protecting-netflix-viewing-priva...
However, I wonder if the mandate was led by Apple. It looks like it was 2015 (at iOS 9.0 / macOS 10.11) that Apple began requiring that network connections made by apps use TLS. While exceptions are allowed, they are discouraged and require a justification for App Store review: https://developer.apple.com/documentation/security/preventin...