[Cellar] Roman Danyliw's No Objection on draft-ietf-cellar-ffv1-17: (with COMMENT)

Roman Danyliw via Datatracker <noreply@ietf.org> Wed, 07 October 2020 15:27 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: cellar@ietf.org
Delivered-To: cellar@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id CB27A3A0A3C; Wed, 7 Oct 2020 08:27:12 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: Roman Danyliw via Datatracker <noreply@ietf.org>
To: "The IESG" <iesg@ietf.org>
Cc: draft-ietf-cellar-ffv1@ietf.org, cellar-chairs@ietf.org, cellar@ietf.org, Michael Richardson <mcr+ietf@sandelman.ca>, "Peter B." <pb@das-werkstatt.com>, pb@das-werkstatt.com
X-Test-IDTracker: no
X-IETF-IDTracker: 7.19.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: Roman Danyliw <rdd@cert.org>
Message-ID: <160208443280.14819.13101657268052077987@ietfa.amsl.com>
Date: Wed, 07 Oct 2020 08:27:12 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/cellar/WE0h53hncmrbul1ZoSiSyWEfAeM>
Subject: [Cellar] Roman Danyliw's No Objection on draft-ietf-cellar-ffv1-17: (with COMMENT)
X-BeenThere: cellar@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Codec Encoding for LossLess Archiving and Realtime transmission <cellar.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cellar>, <mailto:cellar-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cellar/>
List-Post: <mailto:cellar@ietf.org>
List-Help: <mailto:cellar-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cellar>, <mailto:cellar-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Oct 2020 15:27:13 -0000

Roman Danyliw has entered the following ballot position for
draft-ietf-cellar-ffv1-17: No Objection

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
for more information about IESG DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:


Thanks for responding to the SECDIR feedback (and thank you to Liang Xia for
providing the review).

I support Barry Lieba’s Discuss position.

A few additional comments on the framing of the codec description not already
mentioned by my peers:

** Section 1.  Is “non-experimental use” the same as production use?

** References.  Why use C89/90 for syntax and C18 for operator precedence? 
Wouldn’t C18 work for both?

** References.
-- Doesn’t Section required [ISO.14496-12.2015] as a normative
reference to parse the "glbl" box in the ConfigurationRecord bitstream?

-- Doesn’t Section required [NUT] as a normative reference to parse the
ConfigurationRecord bitstream?

On the security considerations:
** Section 6.  Per the reference to [RFC4732], which selection is relevant
here? Is it Section 2.1.1?  If so, the risks due to end-point compromise are
much broader than DoS.

** Section 6.  The assertions about the security properties of [REFIMPL] don’t
make sense to me in this document.  While it is extremely helpful that there is
a high-quality reference implementation, it’s relevance to this spec isn’t
clear.  This code isn’t normative.  Recommend removal all text after the
paragraph “None of the content carried in FFV1 is intended to be executable”.