...and this - I guess - is where the DMCA issue that the EFF raises comes in.
Because sure, you could build a browser that loads Adobe's CRM and fools it into thinking it's been loaded into Firefox - but if you did that, you could well be construed as defeating a technological copyright protection method.
So then, the only way CDMs are acceptable IMO is if they're never given enough information to know where they're running.
This should be a critical part of the standard and I'm surprised I haven't heard the EFF pushing for this, specifically. If the CDM has enough information to discriminate, your choice of browser for watching DRMed video is entirely in the publisher's hands.
The fact that you may get in trouble for fooling the CDM to run on another browser is almost beside the point. Why should we trust a black box with ANY information outside of the DRM-specific?
A website can refuse to load based on my user-agent, for example. However, I have full control over what the website knows about my browser including my user-agent. Because of this fact, I am always free from browser-discrimination on the Web.
But I have zero control over what the CDM knows about my browser. Therefore, the CDM has complete and unavoidable ability to prevent me from accessing parts of the public Web based solely on my choice of browser. AFAIK this is unprecedented. It means that users are no longer free from browser-discrimination, perhaps for the first time in the history of the Web.
The standard is not at all concerned with the browser-CDM interaction, sadly. And yes, that's a major issue with the standard. We (Mozilla) brought it up repeatedly when the standard was being developed, because it causes precisely the issues you describe, and basically got ignored. Microsoft, Google, and Netflix (the editors for the standard) simply didn't see this as a problem.
Now in practice, Mozilla aims to give the CDM as little information as possible, because we think it's the right thing to do. But nothing in the EME standard requires us to do that, and I can't tell you what other browsers do with their CDMs.
> It means that users are no longer free from browser-discrimination
That's correct. You never _really_ were, by the way: sites can and do use Modernizr-like testing instead of UA string sniffing to detect what browser you're running, so the only way to avoid being discriminated against by a site that really wants to discriminate is to have a browser which responds the same way an "approved" browser does to all API calls... Doable, but in practice requires using an "approved" browser with some tweaks that are invisible to the site.
Because sure, you could build a browser that loads Adobe's CRM and fools it into thinking it's been loaded into Firefox - but if you did that, you could well be construed as defeating a technological copyright protection method.