POST /authorize HTTP/1.1
The authorize transmission sends what appears to be a Base-64 encoded string that contains the authentication information needed by Apple TV. That string changes each time you send a video, even if it's the same video from the same device. This suggests that the data includes some kind of timestamp to limit the session during which the Apple TV is authorized to play back the rights-managed media.
The way that iOS devices deal with protected media is that no DRM content can be synced to them unless the home computer is authorized to play that content, via an iTunes account. This means that any DRM-protected media on the device (playable in the iPod or Video applications) is basically pre-cleared for playback by virtue of its original sync.
Creating a simple key authentication like this retains the integrity of the original licensing while permitting the device to send data to a transient intermediary. Apple TV does not retain or store the media it plays back once playback has finished.
Perhaps this is a hint as to why we have not yet seen an AirPlay feature hit Mac OS X (or at least not officially). Until Apple engineers can implement a way to transiently and securely view data from third-party devices, they could be unable to deliver that data to the desktop under existing agreements with content providers.
I know I should finish with some kind of AirPlay/FairPlay DRM pun, but nothing springs to mind. Please feel free to share yours in the comments.
Thanks, Steven Troughton-Smith, Matthias Ringwald