[Cache from http://www.openebook.org/members/Rights-Rules/documents/rightsandruleswgproposal/Rights%20and%20Rules%20Working%20Group%20Proposal.htm; please use this canonical URL/source if possible.]


Rights and Rules Working Group Proposal 

Working Group Summary

The mission of the Rights and Rules Working Group (“group”) is to create an open and commercially viable standard for interoperability of digital rights management (DRM) systems, providing trusted exchange of electronic publications (ePublications) among rights holders, intermediaries, and users.

Context Information

This group is being proposed in 2001. The OeBF has been officially incorporated since May 2000, and it has been working on eBook related standards since late 1998.

Also since late 1998, the following formative events have occurred:

·         Several major book publishers have been producing digital editions of books—that is, books for distribution in digital form.

·         Several major technology companies have introduced products for distributing and reading these digital books. These companies have developed workable but mutually incompatible systems for protection of copyrighted material in distributed environments.

·         Prior to its official incorporation, the OeBF achieved its first goal, which was the publication of the specification of a standard markup language for eBook content, the specification known as the OEB Publication Structure (OEB PS).

·         The OeBF is now officially incorporated, and the formerly separate EBX Working Group has merged into the OeBF. The EBX group comprised 25 member organizations, of which 19 were already OeBF members. We are fortunate that the other 6 EBX members have been given the opportunity to join OeBF as well. Still, the main effect on OeBF of this merger is the receipt of the draft EBX specification and other EBX work products.

Several members of the OeBF are proposing this group to attempt to converge quickly on a practical standard for interoperable DRM for eBooks, acting within the OeBF and following its rules and procedures.

The group’s review of related work will likely focus on past and current work that has at least completed a requirements definition, research papers, and other tangible results.

Meanwhile, other standards organizations (e.g., MPEG) are starting related standards efforts, possibly of broader scope, definitely at an earlier stage of development. The Rights and Rules group should attend to those efforts and provide for these future efforts by carefully narrowing the scope of its work and by providing for extensibility of the resulting DRM specification.

At the same time, the group is attempting to produce a useful standard in a relatively short time. The resulting DRM specification would make specific provision for extensions, versioning, and upward compatibility.

Scope

The scope of this Working Group will be to gather, analyze, prioritize, and coordinate requirements into the development and completion of an OeBF DRM specification.

The scope of work includes the following areas.

·         Glossary of terms and definitions and descriptions of stakeholders and of roles in an interoperating commercial network. The group will contribute additional terms to the Framework document as needed.

·         Determining a balance between privacy, as required by law and consumer preference, and usage tracking, as desired by publishers.

·         Selection and description of requirements addressed by the specification, including how the potential specification may interact with existing international standards.

·         Design assumptions.

·         General description of a DRM system.

·         Data definition (format and meaning) of rights-defining object.

·         Use cases addressed by the specification.

·         Definition of “trust” needed between clients and servers.

·         Provisions for upward compatibility.

·         Definitions of trust levels and processes for rating vendors and interoperating products.

·         Required trust services.

·         Definition of mutual authentication and trust negotiation by clients and servers.

·         Consideration of “superdistribution” techniques: peer-to-peer distribution of encrypted content with separate distribution of rights, temporary lending, and other peer-to-peer applications.

·         Processing, rules, and interfaces, for software manager (“engine”) handling rights objects.

·         Metadata format and elements needed by current version of specification, including the relevant identifier and identifier system; provision for later versions.

·         Data definitions for client and server credentials and for certificates.

·         Applicable laws and regulations.

·         General requirements and assumptions about container files.

·         Implementation notes: status and details of various implementations, to help implementers build interoperable products.

Initial Deployment of the Working Group

·         Proposed Working Group Chair:

·         Chair – Scott Edwards

·         Co-Vice Chairs – Tom Diaz and Yoram Yaacovi

·         Secretary – Robert Mathews

·         Proposed Working Group Charter: See “Working Group Charter” below.

·         Proposed first face-to-face meeting: The group will meet at offices of InterTrust in Santa Clara, California, on May 15, 2001, to continue work resulting from this proposal.

Summary of Resources

The Working Group will require conference call and/or meeting facilities according to the schedule determined by the Working Group Chair. In addition, the group will need OeBF web site resources to conduct its work.

Intellectual Property Information

The specification and specification process referred to below must be consistent with the Intellectual Property Policy currently under development by the OeBF.

Timeline and Schedule

The duration of the group’s charter is estimated to be between nine and 18 months.

The group will meet at least once every month, by conference call or in-person, during its existence and more often as needed. The location of each meeting will be determined after considering factors such as the location of the participating members and stakeholders. The Working Group will appoint a person to record the minutes from each meeting and make them available on the members section OeBF web site. The group anticipates additional meetings and development by subgroup(s).

List of Supporters and References

Tom Diaz – Adobe

Brad Gandee – ContentGuard

Jonathan Schull – Digital Goods

Ted Schmitt – Digital Owl

John Erickson – Hewlett-Packard Laboratories

Harold Henke – IBM

Douglas Armati – InterTrust

Robert Bolick – McGraw-Hill

Yoram Yaacovi – Microsoft

Amanda Kimmel – Random House

Chris Barlas – Rightscom

Scott Edwards – Software & Information Industry Association

Steve Mooney – Steve Mooney and Associates

Jonathan Hahn – Versaware

Working Group Charter

Mission

The mission of the Rights and Rules Working Group (“group”) is to create an open and commercially viable standard for interoperability of digital rights management (DRM) systems, providing trusted exchange of electronic publications (ePublications) among rights holders, intermediaries, and users.

Scope

The scope of this Working Group will be to gather, analyze, prioritize, and coordinate requirements into the development and completion of an OeBF DRM specification.

The scope of work includes the following areas.

·         Glossary of terms and definitions and descriptions of stakeholders and of roles in an interoperating commercial network. The group will contribute additional terms to the Framework document as needed.

·         Determining a balance between privacy, as required by law and consumer preference, and usage tracking, as desired by publishers.

·         Selection and description of requirements addressed by the specification, including how the potential specification may interact with existing international standards.

·         Design assumptions.

·         General description of a DRM system.

·         Data definition (format and meaning) of rights-defining object.

·         Use cases addressed by the specification.

·         Definition of “trust” needed between clients and servers.

·         Provisions for upward compatibility.

·         Definitions of trust levels and processes for rating vendors and interoperating products.

·         Required trust services.

·         Definition of mutual authentication and trust negotiation by clients and servers.

·         Consideration of “superdistribution” techniques: peer-to-peer distribution of encrypted content with separate distribution of rights, temporary lending, and other peer-to-peer applications.

·         Processing, rules, and interfaces, for software manager (“engine”) handling rights objects.

·         Metadata format and elements needed by current version of specification, including the relevant identifier and identifier system; provision for later versions.

·         Data definitions for client and server credentials and for certificates.

·         Applicable laws and regulations.

·         General requirements and assumptions about container files.

·         Implementation notes: status and details of various implementations, to help implementers build interoperable products.

Duration of Working Group Charter

The duration of the group’s charter is estimated to be between nine and 18 months.

Nature of the Deliverables

At the end of nine (9) months and/or the process outlined below, the group will deliver a specification in formats that the OeBF prescribes and that are appropriate for public communication. The specification will be available on the OeBF’s Web site. The group will also deliver the following:

·         Minutes from each of the group’s meetings to be posted on the members portion of the OeBF web site.

·         Referral of requirements gathered within the scope of this group, not already sought and populated by the Requirements Working Group, to the Requirements Working Group via the Requirements Database.

·         Written analysis and prioritization of the requirements within the scope of the specification.

·         Version 1.0 of the OeBF DRM Specification.

·         A recommended schedule and/or Working Group proposal for addressing requirements not dealt with in Version 1.0.

·         The Secretary will record and communicate the process arrived at by the group to the Board of Directors and the OeBF members.

Nature of Dependencies

·         While the group is not in a position to identify dependent entities at this stage, OEB PS users are potential consumers of the specification proposed by this group.

·         The proceedings of the working group will depend on the output of the other working groups including the currently proposed Metadata and Identifiers Working Groups.

Intended Degree of Confidentiality

·         The effort is completely open to the OeBF.

·         We do not expect to solicit material under nondisclosure or similar agreements: Any disclosures made to this working group can and will become public information.

Intellectual Property Requirements

·         All content developed within this group is subject to copyright of the OeBF.

·         The specification and specification process must be consistent with the Intellectual Property Policy currently under development by the OeBF.

Milestones for Work Items and Deliverables

Requirements Phase (Three (3) Months)

Gather the requirements within the group’s scope for the completion of the specification from:

·         The Requirements Database as referred by the Requirements Working Group and contributed from other Working Groups within the scope of this group, including, but not limited to, Identifiers and Metadata.

·         Organizations outside the OeBF that are related to the scope of this group. As part of the requirements gathering phase, a list of such organizations will be prepared for the purpose of collecting their requirements not yet gathered by the Requirements Working Group.

·         Other work products of relevant rights management initiatives.

Analysis Phase (Two (2) Months)

·         Provide a written critique and commentary on the relevance and utility of the requirements gathered to determine a prioritized list to move towards coordination, including a list of possible use cases addressed by the evolving specification (Note: “Use cases” are meant to include commercial, governmental, nonprofit, and other public models (e.g., interlibrary loans).

·         Publish a list of prioritized requirements.

Coordination and Development Phase (Four (4) Months – Thirteen (13) Months)

The coordination and development phase will incorporate the analyzed requirements by priority into the resulting specification and identify the technical issues to move towards this coordination. This technical harmonization of requirements will take place in subgroups created within the group.

Anticipated issues that these subgroups will address include, but are not limited to, the following:

·         Tasks to foster the standard for interoperability and its implementations.

·         Authentication systems and governance.

·         The rights language used in the specification document for example and illustration.

·         Description in the specification of certification: processes by which implementations are evaluated and “rated.”

Meeting Mechanisms and Schedules

The group will meet at least once every month during its existence and more often as needed. The location of each meeting will be determined after considering factors such as the location of the participating Members and Stakeholders. The group will appoint a person to record the minutes from each meeting and make them available on the members section OeBF web site. The group also anticipates additional meetings and development by subgroup(s).

Communication Mechanisms

The group will communicate via e-mail, the OeBF web site, conference call, and during in-person discussions as scheduled. The working process for the group will remain open to all OeBF members, but not open to the general public. The specification, however, will be available to the general public upon its completion.

Level of Involvement of the Working Group’s Members

·         Track developments.

·         Write and edit specifications.

Estimated Time Commitment

Five to ten hours per week per participant.

Working Group Chair

Chair – Scott Edwards

Co-Vice Chairs – Tom Diaz and Yoram Yaacovi

Secretary – Robert Mathews