Announcement

Collapse
No announcement yet.

FTP download of certs for non-mainatream players.

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    FTP download of certs for non-mainatream players.

    HI all,

    I am in the middle of creating a tool to allow self-distributors to freely encrypt DCPs.

    The way it works is that the distributor submits a CPL with DCDM, and anyone with the CPL/uuid can enter it and the target players into the website to generate KDM that allow playback for the next 7 days.
    To ensure only certified DCI players are the ONLY target security-manage the solution can generate KDMs for, I am collecting all the active certificates by writing a tool that collects periodically them from the major vendors.
    I have Dolby, Barco, GDC (Mostly), Qube. But I am after FTP access to the less-known players.
    Sony, Christie, USL or any others people may know of.

    I am also adding certificate chain verification of all certificates that enter the system. i.e. the chain has to cryptographically be verified up to the root CA from each vendor. I expect the vendor would appreciate a 3rd party audit of all the certificates they have.

    I would appreciate it if others could help collect the data regarding access to certificates for these less common players.

    Thanks.
    James
    Tags: None
  • #2
    Sony used to have limited FTP access by-invitation-only for some shops that created lots of KDMs, but this was never a publicly announced service. Their point of view is that every distributor should get the server certificates from the respective exhibitor. The problem is obviously that Sony is winding down their DCI operations, so it's questionable how much incentives there might be to open up any existing databases to new parties.

    I've never bothered to check for Christie, because their IMBs seem to have gone the way of the dodo around here, after the SolariaOne debacle. Apparently, there are logins available that give access to certificates. Whether this is a vanilla FTP site, a website or something else, I don't know.

    As for USL, I've never encountered one of their IMBs in the wild, but maybe Harold Hallikainen can shed some light on wether or not USL (now QSC) provides some kind of public accessible certificate database.​

    Originally posted by James Gardiner View Post
    I am also adding certificate chain verification of all certificates that enter the system. i.e. the chain has to cryptographically be verified up to the root CA from each vendor. I expect the vendor would appreciate a 3rd party audit of all the certificates they have.
    I remember a few weeks back how much everybody appreciated vendors diligently checking the entire certificate chain for validity.

    Comment

    • #3
      I have a URL for USL certificates, but it is no longer active.

      Comment

      • #4
        Does anyone have a copy of the Cert directory tree of say, Sony, USL, Christie?
        I expect many of these units have hit the second tier markets as the majors move on to better-supported equipment. I think we need to make sure this second tier is part of the conversation.

        Comment

        Previous template Next
        Working...
        X