Distributed white list for security renewability

What is claimed is: 1 . A device for a computerized content gateway, comprising: at least one computer memory that is not a transitory signal and that comprises instructions executable by at least one processor to: receive a white list of sink devices authorized to receive at least some content from the gateway, entries on the list pertaining to respective devices, at least some entries being associated with a respective device identification (ID); receive a request to send content from the gateway to a sink configured to play video content; compare a device ID associated with the sink and received by the gateway in a digital certificate against at least a portion of the list of devices; based on the device ID associated with the sink received in the certificate matching a device ID on the list, provide the content to the sink; and based at least in part on the device ID received in the certificate not matching a device ID on the list, not provide the content to the sink. 2 . The device of claim 1 , wherein the instructions are executable to provide the list to the sink such that requests by tertiary devices to the sink for content is controlled at least in part by the sink using the list. 3 . The device of claim 1 , wherein the list is version-controlled and the instructions are executable to share a most recent version of the list between at least the gateway and sink. 4 . The device of claim 2 , wherein the instructions are executable to verify a version and authenticity of the list using a public key of a common root of trust certificate authority. 5 . The device of claim 4 , wherein the public key of the common root of trust certificate authority is held by both the sink and the tertiary device. 6 . The device of claim 1 , wherein the device ID that is compared with the white list is accessed from a digital certificate used by the sink during link protection between the gateway and the sink. 7 . The device of claim 6 , where the link protection is Digital Transmission Copy Protection (DTCP), High Bandwidth Digital Copy Protection (HDCP), or Digital Rights Management (DRM). 8 . A method comprising: at a computerized gateway, receiving a white list of devices authorized to receive at least some content from the gateway, entries on the list pertaining to respective devices, at least some entries being associated with a respective device identification (ID) and at least one expected criterion; receiving a request to send content from the gateway to a sink configured to play video content; comparing a device ID and at least one device attribute of the sink received from the sink by the gateway against at least a portion of the list of devices; based at least in part on the device ID and device attribute received from the sink matching a device ID and associated expected criterion on the list, providing the content to the sink; and based at least in part on the device ID and/or the at least one device attribute received from the sink not matching a device ID on the list and/or the respective expected criteria on the list, not providing the content to the sink. 9 . The method of claim 8 , comprising providing the list to the sink such that requests by tertiary devices to the sink for content is controlled at least in part by the sink using the list. 10 . The method of claim 8 , comprising, based on the device attributes received from the sink not matching expected criteria on the list, sending a message to the sink to output an OSD to the user. 11 . The method of claim 8 , wherein the expected criterion comprises one or more of the following: software version number, time to last software update, minimum version of HDCP protocol, minimum version of DRM protocol, minimum version of DTCP protocol, inclusion of a secure execution environment, inclusion of storage capability, minimum level of robustness, and minimum level of hardware robustness, manufacturer, model number, maximum number of downstream connected devices. 12 . The method of claim 11 , wherein the device attribute comprises one or more of the following: software version number, time to last software update, version of HDCP protocol, HDCP device ID, version of DRM protocol, DRM device ID, version of DTCP protocol, DTCP device ID, inclusion of a secure execution environment, storage capability, level of robustness, level of hardware robustness manufacturer, model number, device serial number, number of downstream connected devices, connection status to the Internet, decoding capability, screen resolution, screen size. 13 . The method of claim 8 , comprising verifying, using the sink device, a device ID by proving that the sink device has a private key corresponding to a public key in the digital certificate. 14 . The method of claim 8 , comprising delivering, from the sink device, sink device attributes to the gateway using a tamper proof protocol that involves public and private keys. 15 . The method of claim 8 , comprising providing the list to the sink such that requests by tertiary devices to the sink for content is controlled at least in part by the sink using the list. 16 . The method of claim 8 , wherein the list is version-controlled and the method comprises sharing a most recent version of the list between at least the gateway and sink. 17 . The method of claim 15 , comprising verifying a version and authenticity of the list using a public key of a common root of trust certificate authority. 18 . A device for a computerized sink, comprising: at least one computer memory that is not a transitory signal and that comprises instructions executable by at least one processor to: receive from a gateway a white list of devices authorized to receive at least some content received through the gateway, entries on the list pertaining to respective devices, at least some entries being associated with a respective device identification (ID); receive a request to send content from the sink to a tertiary configured to process video content; compare a device ID associated with the tertiary device and received by the sink in a digital certificate against at least a portion of the list of devices; based on the device ID associated with the tertiary device received in the certificate matching a device ID on the list, provide the content to the tertiary device; and based at least in part on the device ID received in the certificate not matching a device ID on the list, not provide the content to the tertiary device. 19 . The device of claim 18 , wherein the list is version-controlled and the instructions are executable to share a most recent version of the list between at least the gateway and sink. 20 . The device of claim 18 , wherein the instructions are executable to verify a version and authenticity of the list using a public key of a common root of trust certificate authority. 21 . The device of claim 18 , wherein at least some entries on the list are associated with, in addition to the respective device ID, at least one expected criterion, and the instructions are executable for: comparing a device ID and at least one device attribute of the sink received from the sink by the gateway in a digital certificate against at least a portion of the list of devices; based at least in part on the device ID and device attribute received from the sink matching a device ID and associated expected criterion on the list, providing the content to the sink; and based at least in part on the device ID and/or