[dschleef]

Compliance rules for Microsoft Playready: http://www.microsoft.com/playready/licensing/compliance/

The encryption part of DRM systems is effectively the same as client-side SSL certificates with a secret SSL certificate. How well it's kept secret is defined in the compliance documents. This secret, plus a secure decoding and output path, are the engineering core of DRM systems.

Studios require "industry standard DRM" for movies and TV shows, with lesser requirements for SD. This effectively means "DRM backed by some entity with lots of money that we can sue if things go wrong". Studios approve each individual device that you serve to, usually with compliance targets at some particular future date for various existing loopholes.

Flash (Adobe Access) is somewhat different, and has an obfuscated method for generating the equivalent of a client cert, thus on laptops it's only rated for SD by most (all?) studios. Apparently studios don't care too much about people copying SD content.

Studios would theoretically approve watermarking DRM systems, but there are two major barriers: having a large (ahem, suable) company offering it, and some way to serve individualized media through a CDN. Neither seem likely. So nobody loses too much sleep about whether studios would actually approve watermarking.