Why is an open-source foundation offering digital rights management software?
To help ensure that EPUB files can be shared across reading devices and apps even where some enforcement of usage rights is required – think about the library lending use case and its end of loan date. To help drive adoption of a standard and interoperable DRM through ease of implementation, minimal cost, and minimal vendor dependencies.
Is Readium LCP an open standard?
Readium LCP is not expected to be standardized by a formal standards group but rather remain an “industrial” specification for use by and among implementors who agree to participate in the interoperable Readium LCP ecosystem.
Is Readium LCP vendor-neutral?
Yes, Readium LCP is vendor-neutral, as the specifications are maintained by the Readium Foundation, which is an non-for-profit organization managed by elected board members.
The interoperability and security of the Readium LCP ecosystem is guaranteed by a Certification Authority; EDRLab has been chosen by Readium as Certification Authority for the years to come. EDRLab is also a non-for-profit organization managed by elected board members.
Who can implement Readium LCP?
Anyone can develop a Readium LCP compliant Reading System, and anyone can setup a Readium LCP compliant distribution solution.
But there is still a constraint to the implementation of Readium LCP: any implementation (either client-side in a Reading System, or server-side in a distribution solution) must be certified by the Certification Authority before it is deployed.
Is Readium LCP open-source?
Readium is offering for free open-source software on Github for easing the implementation of Readium LCP compliant Reading Systems and Readium LCP Servers.
However, companies, organizations or individuals who wish to use Readium LCP to protect their content will need to obtain the proper licensing from EDRLab and configure their software with confidential information.
What are the advantages of Readium LCP for publishers?
Readium LCP helps publishers by encouraging interoperability among e-reading platforms and service providers while maintaining an adequate level of content protection and supporting content access models that depend on access control, such as rental, subscription, and library lending. Readium LCP does not require publishers to send their master files in clear to a DRM vendor. Readium LCP helps publishers license content into a thriving, pro-competitive ecosystem by minimizing dependency on commercial vendors and avoiding “lock-in”.
What are the advantages of Readium LCP for users?
Users can obtain e-books from Readium LCP-based services and use Readium LCP-based apps and devices, secure in the knowledge that their e-books will interoperate across these devices, legally and with little or no effort (a simple passphrase, given to the user by the ebook provider at the time the user has acquired the ebook, along with a hint used as a reminder for this passphrase).
The only situation where a user has to enter a passphrase is when he opens an ebook for the first time on a given device; the reading application will then store securely the passphrase and use it silently the next time the user opens the same ebook on this device. This same passphrase is also tested each time the user opens another ebook from the same provider: as long as the passphrase has not been modified, the user will therefore be able to open every ebook from the same provider without entering the corresponding passphrase.
Users can freely transfer a publication from one device to another. They can expect being able to continue reading it year after year after download, even if their bookseller closes its operation, thanks to the offline capabilities of the solution.
Other advantages include a provision for accessibility to the print-disabled and the confidence that no usage data will leak through the Readium LCP technology to feed commercial appetites.
What are the advantages of Readium LCP for service providers?
Retailers, libraries, and other types of e-book service providers will benefit from costs that are much lower than those of existing commercial DRM systems, ease of deployment, and participation in what is expected to become a large ecosystem of interoperable technology components and services, while meeting publishers’ content protection requirements. Service providers will deploy their own License server and will therefore get real-time feedback on core data, like the number of delivered licenses or the number of active devices for a given license. Readium LCP’s open source model will also help ensure that Readium LCP evolves to meet future needs.
Is the Readium SDK required for implementing Readium LCP in my reading system?
Not at all. One can develop a Readium LCP compliant Reading System (application or e-reader) directly from the specification, using classic cryptographic libraries.
The Readium LCP open-source codebase provided on the Readium Github is currently optimized for use within the Readium architecture, but the core C++ code can be ported to any other environment, especially e-readers, for free.
Is Readium software designed to work with Readium LCP only?
Not at all. The Readium development kits are designed to work with multiple DRMs. This ensures that Readium-based apps and devices can be built if they have requirements for DRM features that go beyond what Readium LCP offers.
How does Readium LCP differ from other DRMs for Readium?
Readium LCP is intended to cover basic use cases (sale, rental) with an adequate level of security as well as a provision for accessibility to the print-disabled, with open source code for both client and server and an absolute minimum of vendor dependency.
Readium LCP is particularly well tailored for the library lending use case, with notions like early return and extended loan, the latter being uncovered by most DRMs. The high level of privacy offered by Readium LCP is another crucial aspect for public libraries.
Also, Readium LCP is intended to operate on a cost recovery basis and therefore may be less expensive than commercial DRMs. Other DRMs for Readium may be offered through commercial entities, support content access models that Readium LCP does not support, have enhanced security features that are required for certain applications, and/or support additional related services.
How do I test my reading system for compliance with the specification?
Compliance testing tools are under development at EDRLab; they are included in the open-source code provided by the Readium LCP Server project.
As a service provider, what do I have to install?
Please follow the steps detailed here.
What are Robustness Rules and how do I test my app or device against them?
How does licensing work?
It is important to note that there is no transaction cost in the model, i.e. no DRM cost per ebook purchase or lending.
The certification process is labor intensive and must be renewed yearly; managing the ecosystem (certificate authority …) is also expensive. Therefore being a Readium LCP implementer (either Reading System developer or License Provider) involves yearly fees.
EDRLab keeps these fees to a minimum, please contact us at firstname.lastname@example.org to get details.
What is the sustainability of Readium LCP?
EDRLab has a role of Certification Authority for the Readium LCP ecosystem. All confidential information will be archived by a key escrow agent. Should EDRLab activities end one day, the certification process will be easily taken over by another organization.
Is Readium LCP protected by anti-circumvention laws?
Many countries, including the United States, European Union Member States, Australia, New Zealand, Japan, Singapore, India, China, and Brazil have various forms of laws against circumvention (cracking) of DRM systems and distribution of circumvention tools. Such laws are intended to provide “legal backstops” for DRMs that can be cracked. Different countries’ laws contain different definitions of the systems to which such laws apply, and such laws have been clarified to greater or lesser degrees in each country through litigations. Neither Readium Foundation nor EDRLab represents or guarantees that an implementation based on Readium LCP enjoys protection under such laws; please consult qualified legal counsel.
Is Readium LCP at risk against patent infringement?
Various organizations exist that own portfolios of patents that they may claim are related to digital rights management. Some of these organizations maintain patent licensing programs that require royalty payments; some have engaged in litigation against service providers, application developers, and others for alleged infringement of those patents. Readium Foundation has not consulted with any such entity to determine whether or not any aspect of Readium LCP “reads on” their patents. Neither Readium Foundation nor EDRLab take a position on whether any system, device, application, or service that incorporates any aspect of Readium LCP “reads on” any particular patents, nor does Readium Foundation or EDRLab endorse any patent holder’s patent claims or patent licensing program; please consult qualified legal counsel.
No technology is immune against patent claims; Readium LCP is based on standard cryptographic technologies (AES-256, SHA-256 …) and processes; we are therefore confident that Readium LCP is a simple and reliable solution that does not put implementers at risk.
Is Readium LCP able to protect PDF files?
The current specification of Readium LCP makes reference to the EPUB format only.
Including Readium LCP support for PDF files is technically doable, but any open-source implementation would require quite a bit of work. The main issue being that Adobe products (Adobe Digital Editions especially) would not recognize this non-proprietary DRM, and this sole fact would be be a burden for many users. One can also wonder what is the use of PDF ebooks in an world tailored for EPUB ;-).