I'm sorry but I guess I have to disagree with you. Trusted programs cannot
see each other, or else you will eventually have a corrupt application get
signed and extract runnable code from all products using the DRM.
You will always have this risk. Trusted software can be buggy, as can
trusted hardware. The main risk is that some vendors (both software
and hardware) will deliberately build in back doors, as we see with
region-free DVD players etc.
Anyway, chances are there will be several levels of trust that a piece
of software can have. They can go completely wild with this, of
course, but it's a safe bet that a music player will need a much lower
level of trust than a virus scanner will. The buggy music player
may only let the user copy music (perhaps) while a buggy virus scanner
can be a lot more problematic.
The level of trust required by the virus scanner makes it probable
that this functionality will primarily be part of the OS anyway.
The program wouldn't have to be deliberately corrupt. Let's say that there
are 5000 encrypted DRM programs out there and one of them is owned by a
crappy garage company which goes out of business. As their dying act they
make all of their code open source and publish it - but the original signed
encrypted copies still exist and can be purchased on eBay - so some hackers
buy it, and use the open source code to gain access to the black box in the
CPU by exploiting security holes in the product. Then, because the CPU will
give up everything as soon as the certificates match, they can purchase
every DRM protected piece of code out there, extract the code, and
begin selling it illegally. Once you have the disassembly, after all, it is
pretty easy to make hacks - it happens all the time. So I think, by that
example, allowing signed authorities to see each other's data doesn't make
much sense.
When this was known to have happened, the certificates of the cracked
software would be revoked, making it problematic for the general
public to use it: Once they find a need to upgrade/patch their
computer (or just connect to the Internet), the OS will download the
revocation list and automatically reject the suspect software.
Legitimate purchasers will get it back in working order again on the
next product update. (Which may be tied to their CPU's certificate or
some other unique, personal identification.)
Warez groups could still use it to make non-protected versions of
older music/movies/software/etc but no new releases could be accessed
with the revoked certificates. Much warezed software would be
particularly useless since it wouldn't have the certificates necessary
to access a lot of media or hardware on an up-to-date system. And
there will be reasons for people to want their systems to be up to
date.
Also, Microsoft would be unlikely to give a crappy garage company the
licenses it needs to access other applications at its whim. Symantec
could get this, but Snakeoil Intl. wouldn't. Vulnerabilities would
tend to be less broad - perhaps affecting a media player or somesuch.
I feel the same way about online transactions. I purchase from Newegg and
they are signed by a believed secure company called VeriSign. However, I
would be seriously pissed if I found out that every company that has a
certificate with verisign could see my credit card and other info. It's the
same scenario - just in reverse. Companies will not pay to have their
software protected if it isn't going to be protected at all.
It will be protected, but that's not really the point of the
software's certificate(s). The certificate is something that gives the
software privileges it otherwise would not have. If it wants to play
protected music, it may have certificates that allow it to do this. In
order to get this, it might have to negotiate with Sony or some
consortium for a certificate to read the media and with Microsoft for
a certificate that gives permission to stream it through the OS to
appropriate outputs.
Alternatively, if both the CD reader and the speakers are trusted and
the player software doesn't need to do anything fancy to the music, it
could just tell the OS to "stream media from CD to speakers" and it
would all happen through a trusted channel without any protected media
passing through the player software at all. This software may not need
any certificates since it isn't directly touching anything that is
protected.
Cheers
Bent D
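The certificate-per-privilege model and the revocation-list behaviour discussed in this thread, worked through as a small runnable model. This is an added example, not code from the thread or from any real trusted-computing platform; the authority names ("media-consortium", "os-vendor"), capability strings, serial numbers and the sample "binaries" are all made up, and an HMAC with a per-authority secret stands in for a real signature so it runs offline. It shows the three points under discussion: a certificate binds one program hash to one capability from one authority, so another program presenting a stolen certificate gets nothing; a revoked serial switches that copy off once the OS has fetched the revocation list; and a re-signed build from the legitimate vendor works again.

```python
"""Toy model of certificate-scoped privileges with a revocation list.

Added example; not from the original thread. Authorities, keys, capability
names, serials and program bytes are constructed for illustration only.
"""
import hashlib
import hmac
import json

# Hypothetical authority signing keys. A real platform would use asymmetric
# keys behind a CA; HMAC is used here only so the example runs stand-alone.
AUTHORITY_KEYS = {
    "media-consortium": b"constructed-consortium-secret",
    "os-vendor": b"constructed-os-vendor-secret",
}

# Constructed sample "binaries" (just bytes; only their hashes matter here).
PLAYER_V1 = b"music-player v1.0 (constructed sample binary)"
PLAYER_V2 = b"music-player v1.1 (constructed sample binary)"
SCANNER = b"virus-scanner v3 (constructed sample binary)"


def _canonical(body):
    """Deterministic serialisation so issuer and verifier hash the same bytes."""
    return json.dumps(body, sort_keys=True).encode()


def issue_cert(authority, program_bytes, capability, serial):
    """Authority binds ONE capability to ONE program hash under a serial."""
    body = {
        "authority": authority,
        "program_sha256": hashlib.sha256(program_bytes).hexdigest(),
        "capability": capability,
        "serial": serial,
    }
    tag = hmac.new(AUTHORITY_KEYS[authority], _canonical(body),
                   hashlib.sha256).hexdigest()
    return {**body, "tag": tag}


class TrustedOS:
    """The part of the OS that decides which privileges a program gets."""

    def __init__(self):
        self.revoked = set()

    def fetch_revocation_list(self, serials):
        """Models the OS pulling an updated revocation list when it goes online."""
        self.revoked.update(serials)

    def grant(self, program_bytes, certs):
        """Return the set of (authority, capability) the program may use."""
        program_hash = hashlib.sha256(program_bytes).hexdigest()
        granted = set()
        for cert in certs:
            key = AUTHORITY_KEYS.get(cert.get("authority"))
            if key is None:                      # unknown authority
                continue
            body = {k: v for k, v in cert.items() if k != "tag"}
            expected = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
            if not hmac.compare_digest(expected, cert.get("tag", "")):
                continue                         # tampered or forged cert
            if cert["program_sha256"] != program_hash:
                continue                         # cert belongs to another program
            if cert["serial"] in self.revoked:
                continue                         # cracked copy, switched off
            granted.add((cert["authority"], cert["capability"]))
        return granted

    def can_play_protected_media(self, program_bytes, certs):
        """Playing needs BOTH the consortium's read cert and the OS's output cert."""
        caps = self.grant(program_bytes, certs)
        return (("media-consortium", "read-media") in caps
                and ("os-vendor", "stream-output") in caps)


def demo():
    """Walk through issue -> revoke -> reissue; returns the three outcomes."""
    os_ = TrustedOS()
    certs_v1 = [
        issue_cert("media-consortium", PLAYER_V1, "read-media", "MC-0001"),
        issue_cert("os-vendor", PLAYER_V1, "stream-output", "OS-0001"),
    ]
    before = os_.can_play_protected_media(PLAYER_V1, certs_v1)       # True
    # The cracked player's serial is published on the revocation list.
    os_.fetch_revocation_list(["MC-0001"])
    after_revoke = os_.can_play_protected_media(PLAYER_V1, certs_v1) # False
    # The vendor ships a re-signed build under fresh serials.
    certs_v2 = [
        issue_cert("media-consortium", PLAYER_V2, "read-media", "MC-0002"),
        issue_cert("os-vendor", PLAYER_V2, "stream-output", "OS-0002"),
    ]
    after_reissue = os_.can_play_protected_media(PLAYER_V2, certs_v2) # True
    return before, after_revoke, after_reissue


if __name__ == "__main__":
    print(demo())
```

Note that revoking only the consortium's serial is enough to stop playback: the OS still honours the untouched "stream-output" certificate, but without "read-media" the player never sees protected content, which is the point of keeping each privilege on its own certificate rather than one all-or-nothing signature.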