Re: [AVT] Re: IESG Review of draft-ietf-avt-mpeg4-simple-07.txt - Discuss Comments
jan.vandermeer@philips.com Tue, 08 July 2003 15:03 UTC
Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA25475 for <avt-archive@odin.ietf.org>; Tue, 8 Jul 2003 11:03:38 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19Ztzs-00075f-2v for avt-archive@odin.ietf.org; Tue, 08 Jul 2003 11:03:12 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id h68F3CO4027249 for avt-archive@odin.ietf.org; Tue, 8 Jul 2003 11:03:12 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19Ztzh-00074p-6N; Tue, 08 Jul 2003 11:03:01 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19Ztyq-000748-DL for avt@optimus.ietf.org; Tue, 08 Jul 2003 11:02:08 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA25434; Tue, 8 Jul 2003 11:02:02 -0400 (EDT)
From: jan.vandermeer@philips.com
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19Ztym-0002MB-00; Tue, 08 Jul 2003 11:02:04 -0400
Received: from gw-nl5.philips.com ([212.153.235.109] ident=postfix) by ietf-mx with esmtp (Exim 4.12) id 19Ztyk-0002M8-00; Tue, 08 Jul 2003 11:02:02 -0400
Received: from smtpscan-nl3.philips.com (smtpscan-nl3.philips.com [130.139.36.23]) by gw-nl5.philips.com (Postfix) with ESMTP id 81FE35A861; Tue, 8 Jul 2003 17:01:56 +0200 (MET DST)
Received: from smtprelay-nl2.philips.com (localhost [127.0.0.1]) by smtpscan-nl3.philips.com (8.9.3-p1/8.8.5-1.2.2m-19990317) with ESMTP id RAA18458; Tue, 8 Jul 2003 17:01:55 +0200 (MET DST)
Received: from ehv501soh.diamond.philips.com (e3soh01.diamond.philips.com [130.139.54.47]) by smtprelay-nl2.philips.com (8.9.3-p1/8.8.5-1.2.2m-19990317) with ESMTP id RAA09216; Tue, 8 Jul 2003 17:01:54 +0200 (MEST)
To: John Lazzaro <lazzaro@CS.Berkeley.EDU>
Cc: avt@ietf.org, avt-admin@ietf.org
Subject: Re: [AVT] Re: IESG Review of draft-ietf-avt-mpeg4-simple-07.txt - Discuss Comments
MIME-Version: 1.0
X-Mailer: Lotus Notes Release 5.0.9a January 7, 2002
Message-ID: <OFAD087609.76B6D36D-ONC1256D5D.004A2CCE-C1256D5D.005290E9@diamond.philips.com>
Date: Tue, 08 Jul 2003 17:00:29 +0200
X-MIMETrack: Serialize by Router on ehv501soh/H/SERVER/PHILIPS(Release 5.0.11 |July 24, 2002) at 08/07/2003 17:00:33, Serialize complete at 08/07/2003 17:00:33
Content-Type: multipart/alternative; boundary="=_alternative 005290E3C1256D5D_="
Sender: avt-admin@ietf.org
Errors-To: avt-admin@ietf.org
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Id: Audio/Video Transport Working Group <avt.ietf.org>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
Hello John, Thanks for commenting. > Do "MPEG-4 scripts" give the script control over audio volume of the > presentation, in a way that could override the levels manually set > by the human listening to the decoder? In my understanding, MPEG-4 only provides the capability to control the presence of audio objects (streams) in a scene, hence the audio level can be controlled from zero up to a certain "nominal" level. MPEG-4 does not provide the capability to control the volume level at which the user "enjoys" the scene. In other words, in my understanding the problem that you mention does not exist in MPEG-4. Best regards, Jan John Lazzaro <lazzaro@CS.Berkeley.EDU> Sent by: avt-admin@ietf.org 2003-07-07 09:33 PM To: avt@ietf.org cc: (bcc: Jan vanderMeer/EHV/CE/PHILIPS) Subject: [AVT] Re: IESG Review of draft-ietf-avt-mpeg4-simple-07.txt - Discuss Comments Classification: > jan.vandermeer@philips.com writes: > > As far as I understand these constraints do not allow dangerous ECMA > script constructs, which means there is no need for an ECMA script > security model in this context. Below I attached the MPEG-4 annex that > describes the differences. Do "MPEG-4 scripts" give the script control over audio volume of the presentation, in a way that could override the levels manually set by the human listening to the decoder? A rogue program that blows out the speakers of the victim's terminal seems like a security risk of some sort, although not of the classical kind since data and CPU and network are not compromised ... if this is an actual risk, might be worth warning implementors in the Security Considerations section ... ------------------------------------------------------------------------- John Lazzaro -- Research Specialist -- CS Division -- EECS -- UC Berkeley lazzaro [at] cs [dot] berkeley [dot] edu www.cs.berkeley.edu/~lazzaro ------------------------------------------------------------------------- _______________________________________________ Audio/Video Transport Working Group avt@ietf.org https://www1.ietf.org/mailman/listinfo/avt
- [AVT] IESG Review of draft-ietf-avt-mpeg4-simple-… Allison Mankin
- [AVT] Re: IESG Review of draft-ietf-avt-mpeg4-sim… jan.vandermeer
- [AVT] Re: IESG Review of draft-ietf-avt-mpeg4-sim… John Lazzaro
- Re: [AVT] Re: IESG Review of draft-ietf-avt-mpeg4… jan.vandermeer