[AVT] RE: Comments on draft-ietf-avt-rtp-vc1-02

"Anders Klemets" <Anders.Klemets@microsoft.com> Fri, 09 December 2005 05:13 UTC

From: Anders Klemets <Anders.Klemets@microsoft.com>
To: Magnus Westerlund <magnus.westerlund@ericsson.com>
Cc: IETF AVT WG <avt@ietf.org>

>>>T1. Will it be possible to carry any type of active content (like
>>>scripts or Java code) in the VC-1 user data? If that is the case there
>>
>Yes, sorry, I meant RFC 3640 that contains such paragraphs in its 
>security consideration section.

I can understand that RFC 3640 needs to discuss security, because
MPEG-J, BIFS, etc., are part of the MPEG-4 spec itself.  The VC-1
user-data, on the other hand, is registered separately by SMPTE.  

VC-1 user-data is actually identical to the MPEG-2 user-data.  And RFC
2250 (MPEG-2 RTP Payload Format) doesn't mention user-data as a security
risk.

In my opinion, putting a warning about user-data is a little bit like
putting a warning against downloading binaries in the HTTP spec, or
putting a warning about telemarketer scams in the SIP spec. :-)

Nevertheless, I have written the following paragraph, to be added to the
VC-1 security considerations section:

"VC-1 bit streams can carry user-data, such as closed captioning
information and content meta-data.  VC-1 requires identifiers for
user-data to be registered with SMPTE.  Depending on the type of
user-data, it might be possible for a sender to generate user-data in a
non-compliant manner to crash the receiver or make it temporarily
unavailable.  Senders that transport VC-1 bit streams SHOULD ensure that
the user-data is compliant with the specification registered with SMPTE
(see Annex F of [1].)  Receivers should prevent malfunction in case of
non-compliant user-data."

Does it look OK?

Anders

