* That the current state of the industry in crypto development is so weak and poorly understood that many of the statements people make about DRM are rooted not in theory but in observations about incompetant cryptosystems, and that when implemented well, DRM crypto actually has a good track record (cryptocard satellite TV, Blu-Ray). I was hoping to use this thesis as a coat rack for a bunch of practical advice about crypto in general.
* That the security goal of DRM is not about absolute platform integrity, but about meeting the commercial objectives of content providers, and that when you relax constraints from "absolutely protecting media" to "making sure titles are difficult to pirate during their new-release window to maximize profit", you get opportunities for interesting approaches to security, like renewability.
* That taken together, these two ideas suggest that DRM is actually a really interesting CS problem, and --- leaving politics out of it --- even if you believe it's destined to fail, it's worthy of study.
* That the security goal of DRM is not about absolute platform integrity, but about meeting the commercial objectives of content providers, and that when you relax constraints from "absolutely protecting media" to "making sure titles are difficult to pirate during their new-release window to maximize profit", you get opportunities for interesting approaches to security, like renewability.
* That taken together, these two ideas suggest that DRM is actually a really interesting CS problem, and --- leaving politics out of it --- even if you believe it's destined to fail, it's worthy of study.