[Cellar] Roman Danyliw's No Objection on draft-ietf-cellar-ffv1-17: (with COMMENT)
Roman Danyliw via Datatracker <noreply@ietf.org> Wed, 07 October 2020 15:27 UTC
Return-Path: <noreply@ietf.org>
X-Original-To: cellar@ietf.org
Delivered-To: cellar@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id CB27A3A0A3C; Wed, 7 Oct 2020 08:27:12 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Roman Danyliw via Datatracker <noreply@ietf.org>
To: The IESG <iesg@ietf.org>
Cc: draft-ietf-cellar-ffv1@ietf.org, cellar-chairs@ietf.org, cellar@ietf.org, Michael Richardson <mcr+ietf@sandelman.ca>, "Peter B." <pb@das-werkstatt.com>, pb@das-werkstatt.com
X-Test-IDTracker: no
X-IETF-IDTracker: 7.19.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Roman Danyliw <rdd@cert.org>
Message-ID: <160208443280.14819.13101657268052077987@ietfa.amsl.com>
Date: Wed, 07 Oct 2020 08:27:12 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/cellar/WE0h53hncmrbul1ZoSiSyWEfAeM>
Subject: [Cellar] Roman Danyliw's No Objection on draft-ietf-cellar-ffv1-17: (with COMMENT)
X-BeenThere: cellar@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Codec Encoding for LossLess Archiving and Realtime transmission <cellar.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cellar>, <mailto:cellar-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cellar/>
List-Post: <mailto:cellar@ietf.org>
List-Help: <mailto:cellar-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cellar>, <mailto:cellar-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Oct 2020 15:27:13 -0000
Roman Danyliw has entered the following ballot position for draft-ietf-cellar-ffv1-17: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-cellar-ffv1/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Thanks for responding to the SECDIR feedback (and thank you to Liang Xia for providing the review). I support Barry Lieba’s Discuss position. A few additional comments on the framing of the codec description not already mentioned by my peers: ** Section 1. Is “non-experimental use” the same as production use? ** References. Why use C89/90 for syntax and C18 for operator precedence? Wouldn’t C18 work for both? ** References. -- Doesn’t Section 4.3.3.2 required [ISO.14496-12.2015] as a normative reference to parse the "glbl" box in the ConfigurationRecord bitstream? -- Doesn’t Section 4.3.3.3 required [NUT] as a normative reference to parse the ConfigurationRecord bitstream? On the security considerations: ** Section 6. Per the reference to [RFC4732], which selection is relevant here? Is it Section 2.1.1? If so, the risks due to end-point compromise are much broader than DoS. ** Section 6. The assertions about the security properties of [REFIMPL] don’t make sense to me in this document. While it is extremely helpful that there is a high-quality reference implementation, it’s relevance to this spec isn’t clear. This code isn’t normative. Recommend removal all text after the paragraph “None of the content carried in FFV1 is intended to be executable”.
- [Cellar] Roman Danyliw's No Objection on draft-ie… Roman Danyliw via Datatracker
- Re: [Cellar] Roman Danyliw's No Objection on draf… Jerome Martinez