| ▲ | comment0r 2 hours ago | ||||||||||||||||
Assuming the files are encrypted anyway for DRM reasons: why should static content like movies be TLSed? I know I know, "TLS all the things", but it sounds like a high cost at Netflix scale. | |||||||||||||||||
| ▲ | keane an hour ago | parent | next [-] | ||||||||||||||||
I would have thought this would have originally been driven by wanting to prevent a browser mixed content warning as ~15% of Netflix viewing happens in browsers (and the browser warnings switched to blocking around 2019). @drewg123 starts discussing this section at 4:21 in the presentation: https://www.youtube.com/watch?v=WzfADu1qyAM&t=261 ("we had this mandate that we had to start encrypting communications between our servers and our clients") Netflix announced the change in 2016, citing viewer privacy from eavesdropping: https://netflixtechblog.com/protecting-netflix-viewing-priva... However, I wonder if the mandate was led by Apple. It looks like it was 2015 (at iOS 9.0 / macOS 10.11) that Apple began requiring that network connections made by apps use TLS. While exceptions are allowed, they are discouraged and require a justification for App Store review: https://developer.apple.com/documentation/security/preventin... | |||||||||||||||||
| |||||||||||||||||
| ▲ | xxpor an hour ago | parent | prev | next [-] | ||||||||||||||||
Stops Comcast from seeing the metadata and knowing exactly what their mutual customers are streaming. | |||||||||||||||||
| |||||||||||||||||
| ▲ | monocasa 2 hours ago | parent | prev [-] | ||||||||||||||||
It seems like it took engineering work, but TLS isn't their bottleneck when the data flow is structured correctly for the hardware (which is kind of the thesis of a lot of the Netflix CDN node optimization stuff). | |||||||||||||||||