IETF Logo Mail Archive

Re: [Cellar] Roman Danyliw's Discuss on draft-ietf-cellar-matroska-16: (with DISCUSS and COMMENT)

Michael Richardson <mcr+ietf@sandelman.ca> Fri, 26 May 2023 20:48 UTC

Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: cellar@ietfa.amsl.com
Delivered-To: cellar@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2DF36C14CF05; Fri, 26 May 2023 13:48:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sandelman.ca
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T85nlUes4WBd; Fri, 26 May 2023 13:48:18 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9C9A9C14F747; Fri, 26 May 2023 13:48:17 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id 629B438993; Fri, 26 May 2023 16:48:16 -0400 (EDT)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id HtPKjEPivHfH; Fri, 26 May 2023 16:48:14 -0400 (EDT)
Received: from sandelman.ca (unknown [IPv6:2607:f0b0:f:2:40a:34ff:fe10:f571]) by tuna.sandelman.ca (Postfix) with ESMTP id 0C96538991; Fri, 26 May 2023 16:48:14 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sandelman.ca; s=mail; t=1685134094; bh=1M3sL8JWGLTUVBJnjzbShgRr6UteT0337Mh2mfUxLo8=; h=From:To:Subject:In-Reply-To:References:Date:From; b=d2s8KQvceao68XH2I0NUjQNfqICMkd4ZDZVRmPcXsUoG7MsuahYEJhmjHu00NYsWv S3egIt0v/hJPCq7/X9hqpCj/od19pT4jO8oA18Gwka3KzbzwNlplX1NY4NSLAXDyul 5cCpxaW8OoYOVAMYRdIHSldF5IHHm+kcg0qv/PeeZa/LH8tSrdyYo81vqsnSYyk9v2 MUF1eV9dKV5dKmLGGejHNIvPRgwc9F8TGA+L8tfvLu3dv+Ex293kwuB+l0WyzpAEUs s8Of6egF+QKSAhsQ8LAa+bOZRvFGS4IFxdaV8b5Aes27J6ZHpnTTGXRo/5j0OVFCca 6/4mjTIg5pZ8Q==
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id E8303158; Fri, 26 May 2023 16:48:13 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Roman Danyliw <rdd@cert.org>, The IESG <iesg@ietf.org>, "draft-ietf-cellar-matroska@ietf.org" <draft-ietf-cellar-matroska@ietf.org>, "cellar-chairs@ietf.org" <cellar-chairs@ietf.org>, "cellar@ietf.org" <cellar@ietf.org>
In-Reply-To: <8c8e16f333234f188d0d88842872368b@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
References: <168480597881.60442.3957144119759698039@ietfa.amsl.com> <3988.1684827677@localhost> <29e1c4eaeadc4c78974eb30307857b46@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM> <32234.1685121834@localhost> <8c8e16f333234f188d0d88842872368b@BN2P110MB1107.NAMP110.PROD.OUTLOOK.COM>
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 27.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Fri, 26 May 2023 16:48:13 -0400
Message-ID: <16111.1685134093@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cellar/CUXVLzNzSzGpz5GLro9f6BcpQQc>
Subject: Re: [Cellar] Roman Danyliw's Discuss on draft-ietf-cellar-matroska-16: (with DISCUSS and COMMENT)
X-BeenThere: cellar@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Codec Encoding for LossLess Archiving and Realtime transmission <cellar.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cellar>, <mailto:cellar-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cellar/>
List-Post: <mailto:cellar@ietf.org>
List-Help: <mailto:cellar-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cellar>, <mailto:cellar-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 May 2023 20:48:22 -0000

Roman Danyliw <rdd@cert.org> wrote:
    >> Roman Danyliw <rdd@cert.org> wrote:
    >> >> Generic interoperability is not expected.  Everything about the key
    >> >> management is essentially proprietary.
    >>
    >> > Thanks for this explanation.  The current -16 text even says that "key
    >> > management" is out of scope.
    >>
    >> > If no interoperability is expected, a lot more clarity is needed on the
    >> > currently documented security relevant mechanisms.  One interpretation
    >> > would be that the Mastroska container:
    >>
    >> > -- does not provide any interoperable security mechanisms to ensure
    >> > confidentiality, integrity or authenticity
    >>
    >> Correct.
    >> And as for Blowfish, 1DES, 3DES, etc. please recognize that these are
    >> *archives*, and they might have sat on a dusty spinning disk for 20 years.
    >> The goal is to be able to decode what's there, not necessarily to provide a
    >> mechanism useable into the future.

    > Understood.  My specific recommendation was ' -- Mastroska Writers MUST
    > NOT use insecure ciphers (e.g., DES, 3DES) to create "new content" (not
    > sure of the appropriate word) either in this section or in the Security
    > Considerations.'  This guidance would be consist with the use case you
    > are suggesting of a Mastroska Reader finding old files, encrypted with
    > algorithms appropriate for their time.  The current text does not make
    > that distinction.

Okay, we could go further and say,
   "Compliant Matroska writers MUST NOT use encrypted blocks as Matroska does
   not include any key management or key agreement mechanisms"

I argued during WGLC that we mark the blocks as historical, but it's not
always clear to the software authors what that means.


    >> > -- provides a series of primitives and extension points on which
    >> > application developers could built security mechanisms
    >>
    >> could/have in the past, but didn't publish.
    >> These are files on disk.
    >> The decryption keys are either on post-its, or maybe involved some kind of
    >> online DRM system involving Hollywood.

    > If there are encrypted blobs on disk with unpublished DRM or encryption
    > schemes, how would this document help anyone decrypt the archives.

It won't, except to identify that there is stuff that is outside the
standard.

    > It
    > seems like some of the DRM-focused behavior is not explained on this
    > document.

A player that sees an encrypted block, needs to pop up a requestor for a key
(which could come from some other entity), or needs to invoke some plugin
behaviour that could return a key.  But that's all implementation, and way
beyond our scope.  At some remote future quantum computer state, maybe
Blowfish is sooo weak that it just cracks the key, as we see in sf all the time.

    >> As an *ARCHIVE* format, we need to document what might be out there.
    >> This is SMIME for video formats.

    > Section 23.2 explicitly suggests that this is not just a file archive format.

Correct, it's not a dead spec.
But there are many dead files out there which are not going to get converted.

WebM is a variation of it which is very actively used in many places like
youtube. (But, webm is a different subset than Matroska)

a) Encrypted blocks using Blowfish for DRM are probably not compatible with "live" streaming.
b) But, http://somearchive.example/blah.mkv could well be streaming some 20
   year old file.

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        |    IoT architect   [
]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [


--
Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide

v2.23.0 | Report a Bug | By Email