The spec allows for Key System specific Initialization Data to be provided (either directly in the PSSH or via the generateRequest() call). Some Key Systems support or rely on title keys being present in encrypted form within the Initialization Data. The core issue is that the CDM may be able to use keys present in the Initialization Data to decrypt the content without any additional key requests
This has implications for several of the algorithms.
6.2 Methods, generateRequest
"11. Run the queue a "message" event algorithm on the session, providing "license-request" and message."
Since keys may already be usable, the CDM could instead run the Update Key Statuses algorithm. E.g.
"11. If keys specified in the initData are not already available, run the queue a "message" event algorithm on the session, providing "license-request" and message. Otherwise run the Update Key Statuses algorithm."
6.6.2 Update Key Statuses
"This can happen as the result of a load() or update()"
This list should be augmented with generateKeyRequest.
6.8 Session Storage and Persistence
"The CDM SHOULD NOT store session data, including the Session ID, until update() is called the first time. Specifically, the CDM SHOULD NOT store session data during the generateRequest() algorithm. This ensures that the application is aware of the session and knows it needs to eventually remove it."
Since the keys may already be usable at this point, forcing update() to be called does not make sense.