Re: [Cellar] New Version Notification - draft-ietf-cellar-ffv1-18.txt

Dave Rice <dave@dericed.com> Tue, 01 December 2020 21:16 UTC

Return-Path: <dave@dericed.com>
X-Original-To: cellar@ietfa.amsl.com
Delivered-To: cellar@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 032963A1181; Tue, 1 Dec 2020 13:16:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.119
X-Spam-Level:
X-Spam-Status: No, score=-1.119 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NEUTRAL=0.779, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EbtzJSSatujP; Tue, 1 Dec 2020 13:16:56 -0800 (PST)
Received: from server172-4.web-hosting.com (server172-4.web-hosting.com [68.65.122.112]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B7223A116B; Tue, 1 Dec 2020 13:16:53 -0800 (PST)
Received: from pool-100-37-115-144.nycmny.fios.verizon.net ([100.37.115.144]:55414 helo=[192.168.1.152]) by server172.web-hosting.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from <dave@dericed.com>) id 1kkD0x-0014ek-Be; Tue, 01 Dec 2020 16:16:52 -0500
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\))
From: Dave Rice <dave@dericed.com>
In-Reply-To: <FB3C907F-0DEB-4DB0-86C3-03B0AE02A78B@dericed.com>
Date: Tue, 1 Dec 2020 16:16:45 -0500
Cc: "draft-ietf-cellar-ffv1.chairs@ietf.org" <draft-ietf-cellar-ffv1.chairs@ietf.org>, "draft-ietf-cellar-ffv1@ietf.org" <draft-ietf-cellar-ffv1@ietf.org>, Codec Encoding for LossLess Archiving and Realtime transmission <cellar@ietf.org>, Barry Leiba <barryleiba@computer.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <B5AABB82-0474-4E3A-9211-403B2248F93E@dericed.com>
References: <160208949226.20172.3161875416157552929@ietfa.amsl.com> <a5a36dfd1f17466db8a412f7b85f776d@cert.org> <CAKKJt-dqrbSxvNo4CA1eQaaumG7h2203MHMdg8a4BTWc-OjBnQ@mail.gmail.com> <FB3C907F-0DEB-4DB0-86C3-03B0AE02A78B@dericed.com>
To: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>, Roman Danyliw <rdd@cert.org>
X-Mailer: Apple Mail (2.3608.120.23.2.4)
X-OutGoing-Spam-Status: No, score=-0.2
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server172.web-hosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - dericed.com
X-Get-Message-Sender-Via: server172.web-hosting.com: authenticated_id: dave@dericed.com
X-Authenticated-Sender: server172.web-hosting.com: dave@dericed.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-From-Rewrite: unmodified, already matched
Archived-At: <https://mailarchive.ietf.org/arch/msg/cellar/M5TiYMeKOG37g87dSPo2JSIV_7E>
Subject: Re: [Cellar] New Version Notification - draft-ietf-cellar-ffv1-18.txt
X-BeenThere: cellar@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Codec Encoding for LossLess Archiving and Realtime transmission <cellar.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cellar>, <mailto:cellar-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cellar/>
List-Post: <mailto:cellar@ietf.org>
List-Help: <mailto:cellar-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cellar>, <mailto:cellar-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Dec 2020 21:16:58 -0000

Hi Roman, Spencer,

> On Oct 30, 2020, at 1:41 PM, Dave Rice <dave@dericed.com> wrote:
> 
> Thank you Roman,
> 
>> On Oct 21, 2020, at 2:03 PM, Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com> wrote:
>> 
>> Hi, Roman,
>> 
>> On Wed, Oct 21, 2020 at 12:38 PM Roman Danyliw <rdd@cert.org> wrote:
>> Hi!
>> (I can't find your response email to my ballot in my mail client despite it being in the archive, so apologizes for making the new thread).
>> 
>> Thanks for the -18 which cleared most of the COMMENTs.  I updated my ballot.
>> 
>> In the spirit of clearing what I consider a straightforward DISCUSS, might I suggest:
>> 
>> OLD
>> 
>>   Implementations of the FFV1 codec need to take appropriate security
>>    considerations into account, as outlined in [RFC4732].  It is
>>    extremely important for the decoder to be robust against malicious
>>    payloads.  Malicious payloads MUST NOT cause the decoder to overrun
>>    its allocated memory or to take an excessive amount of resources to
>>    decode.  The same applies to the encoder, ... 
>> 
>> NEW
>> 
>> Implementations of the FFV1 codec need to take appropriate security considerations into account.  Those related to denial of service are outlined in Section 2.1 of [RFC4732].  It is extremely important for the decoder to be robust against malicious payloads.  Malicious payloads MUST NOT cause the decoder to overrun its allocated memory or to take an excessive amount of resources to decode.    An overrun in allocated memory could lead to arbitrary code execution by an attacker.  The same applies to the encoder, ...
> 
> The recommendation looks appropriate to me and more clear. I moved it to a pull request at https://github.com/FFmpeg/FFV1/pull/253 for the consideration of the other authors.

Please note that we just updated the draft to include the recommended changes for security considerations on denial of service, which can be reviewed in version 19 of https://datatracker.ietf.org/doc/draft-ietf-cellar-ffv1/. Here’s a link to the diff of version 18 and 19: https://www.ietf.org/rfcdiff?url1=draft-ietf-cellar-ffv1-18&url2=draft-ietf-cellar-ffv1-19&difftype=--htmle=--html.

Kind Regards,
Dave Rice