Digital Cinema Initiatives

ARCHIVES Specification Errata

«Previous Page

Erratum Spec 1.0 Page Sections Affected Description


86-87 Section (The requirements given in the two bulleted paragraphs of text in this section are given in Section and are therefore redundant.) The two bulleted paragraphs of text in this section are deleted.


88 Section
In the second bullet, the text "one or more Key Delivery Message(s) (KDMs)" is replaced with the text "a Key Delivery Message (KDM)"


92 Section
The existing text of Item 2. is deleted and replaced with the following text:

"Security Manager (SM) KDM usage policy is specified as follows:

a. Playout shall be fully supported by a single KDM, inclusive of all required essence keys and playout time window (i.e., a playout shall not occur that requires the combination of two or more KDMs).
b. For any given composition, playout shall be enabled for any start time that is within the KDM's time window.
c. To avoid end of engagement issues, a show time's playout may extend beyond the end of the KDM's playout time window, if started within the KDM playout time window, by a maximum of six (6) hours.
d. Excepting the requirements of (b), the SM shall delete any KDM and associated keys for which the playback time window has expired (passed)."


93 Section
The existing text of Item 9. (b) is deleted and replaced with the following text:

"Usage validity periods of six (6) hours for remote SPBs (in line with the rule of item 2 (c) above)."


93 Section
The existing text of Item 10. (b) is deleted and replaced with the following text:

"Transferring LE keys only to an authenticated and trusted (7) Link Decryptor Security Entity (SE) function."


94 Section
The existing text of Item 16. is deleted and replaced with the following text:

"Support suite playback enablement (authentication followed by keying) such that no more than one of each type of SE is enabled (i.e., one LD Block, one Image MD, one audio MD), except for content owner-approved special auditorium situations employing the use of multiple Link Encryption operations. SMs shall support the authentication and keying of multiple Link Encryption operation per the requirements of Section Multiple Link Encryption Operation."


94 Section
Item 19. is deleted.


96 Section
The last sentence of Item 10. is deleted.


97 Section
A new Section is added between Section and Section with the following text: Normative Requirements for LD/LE SPB Devices

The following requirements are normative where a special purpose SPB that performs link decryption followed by link encryption is used (see Section

1. Within the LD/LE Device's type 1 SPB perimeter, perform link decryption followed by link encryption at the image essence input and output ports.
2. Respond to the Security Manager's (SM's) initiatives in establishing a Transport Layer Security (TLS) session and SPB device authentication. Maintain this session until commanded to terminate.
3. LD/LE SPB Devices shall not establish security communications with more than one SM at a time.
4. LD/LE SPB Devices shall contain a UTC time reference clock that is battery backed and operative for time stamping log events under powered and un-powered conditions. The SPB shall communicate time information with the SM using standardized Intra-Theater Messaging.
5. Respond to SM "status” queries, and other Intra-Theater Messages (ITMs) and SM commands as necessary to support SM behavior requirements.
6. Accept and store LD/LE keys, and associated parameters, provided by the SM. The SPB shall have the capacity to store at least 16 key/parameter sets.
7. Purge LD/LE keys upon expiration of the SM designated validity period, SM "purge" command, SPB tamper detection, or change in TLS network parameters suggestive of an attack or equipment substitution.
8. Record security event data for logging under both powered and un-powered conditions. Sign and assemble logged information into standardized log records per Section
9. Monitor LD/LE SPB Device physical security protection integrity 24/7. In the event of intrusion or other tamper detection, terminate all activity, log the event, and zero all Critical Security Parameters (see Section Do not purge log records.


98 Section
The last sentence of Item 9. is deleted.


100 Section
A new Section is added after Section 9.4.4 and before Section 9.4.5 with the following text: Multiple Link Encryption Operation

Content owners may approve the use of multiple Link Encryption stages within a single auditorium for accommodating special auditorium situations. Special auditorium situations are recognized as changes to Auditorium 2 of Figure 16 such as: (i) the insertion of a single image processor between Image Media Block and a LDB/projection system; (ii) the use of multiple LDB/projection systems with a single server/IMB.

Multiple Link Encryption operation shall follow all normal (single) Link Encryption requirements of this section, with the following additional requirements:


SM behavior shall be designed to identify a special auditorium situation during the auditorium security network TLS session establishment. The digital certificate exchange with remote SPBs will return the associated certificate roles for each SPB in the auditorium (i.e., LD/LE SPB device or more than a single LDB/projector).

b. The SM shall independently authenticate each remote SPB using a dedicated TLS session.
c. SMs shall enable multiple Link Encryption operation only when the SM receives a KDM whose TDL contains only the identities of the remote SPBs identified during TLS authentication. This matching is an indication to the SM that the multiple Link Encryption operation has been approved by the content owner.
d. The image processor (LD/LE) device shall be protected by a type 1 SPB. This SPB shall meet the requirements of Section Normative Requirements for LD/LE SPB Devices.

e. The SM shall independently key each remote SPB for Link Encryption operation using standardized Intra-Theater security Messaging per Section 9.4.5.
f. The SM shall not support the use of more than one image processor SPB for any LDB/projector system.
g. The two Link Encryption stages of the image processor configuration may use the same LE key(s). The SM shall key the multiple LDB/projector configuration using different LE keys for each LDB/projector system.


102 Section
In Item 1., a period is placed at the end of the first line of text, so the sentence reads:

"1. Only the SMS or SM shall set up Transport Layer Security (TLS) sessions."


102 Section

Erratum #6 is withdrawn and replaced with this erratum, which is more exact:

The existing text of Item 9. is deleted and replaced with the following text:

" Standardized security messages (Category 2 messages of Table 15) shall use, and have exclusive use of, well-known port 1173 (which has been reserved for SMPTE digital cinema use by the Internet Assigned Numbers Authority [IANA]). Operational messages (Category 1 messages of Table 15) shall not use TCP port 1173, but shall operate under TLS."


114 Section
The existing text of Item 5. (which starts "In the event that valid overlapping KDMs exist…") is deleted and replaced with the following text:

"[This item left blank intentionally.]"


114 Section
The existing text of Item 7. (which starts "The SM and FM Security Entities shall...&) is deleted and replaced with the following text:

"The SM and FM Security Entities shall log the presence or absence of audio and image Forensic Marking for each encrypted DCP."


114 Section
A new Item 8. is added with the following text:

"8. If audio Forensic Marking is enabled, all sixteen audio channels shall be forensically marked."


The DCI Digital Cinema System Specification Version 1.0 has been updated to version 1.1. Version 1.1 incorporates Erratum # 1 - # 148 into the body of its text. Version 1.0 and Erratum # 1 - # 148 are provided here for archival purposes.

Digital Cinema System Specification
July 20, 2005