Re: [Cellar] Secdir last call review of draft-ietf-cellar-ffv1-16

Jerome Martinez <jerome@mediaarea.net> Sun, 09 August 2020 20:59 UTC

Return-Path: <jerome@mediaarea.net>
X-Original-To: cellar@ietfa.amsl.com
Delivered-To: cellar@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 71E9E3A0DC3 for <cellar@ietfa.amsl.com>; Sun, 9 Aug 2020 13:59:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.846
X-Spam-Level:
X-Spam-Status: No, score=-2.846 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.949, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8HzTXrX0nrs3 for <cellar@ietfa.amsl.com>; Sun, 9 Aug 2020 13:59:34 -0700 (PDT)
Received: from 8.mo69.mail-out.ovh.net (8.mo69.mail-out.ovh.net [46.105.56.233]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E70F83A0DC6 for <cellar@ietf.org>; Sun, 9 Aug 2020 13:59:33 -0700 (PDT)
Received: from player761.ha.ovh.net (unknown [10.108.35.74]) by mo69.mail-out.ovh.net (Postfix) with ESMTP id 6288596C2A for <cellar@ietf.org>; Sun, 9 Aug 2020 22:59:31 +0200 (CEST)
Received: from mediaarea.net (unknown [62.147.199.69]) (Authenticated sender: jerome@mediaarea.net) by player761.ha.ovh.net (Postfix) with ESMTPSA id 999481522FF20; Sun, 9 Aug 2020 20:59:24 +0000 (UTC)
Authentication-Results: garm.ovh; auth=pass (GARM-105G006bb29af51-604f-4982-904c-c52165724f13, 608671285ED90489EBE68BEB245C4D25BF85EF76) smtp.auth=jerome@mediaarea.net
To: Michael Richardson <mcr+ietf@sandelman.ca>, Liang Xia <frank.xialiang@huawei.com>
Cc: last-call@ietf.org, draft-ietf-cellar-ffv1.all@ietf.org, cellar@ietf.org, secdir@ietf.org
References: <159537782564.14553.11293321898516651562@ietfa.amsl.com> <21179.1595526609@localhost>
From: Jerome Martinez <jerome@mediaarea.net>
Message-ID: <a9dec8f1-077e-1b47-63c0-09652d126d3b@mediaarea.net>
Date: Sun, 9 Aug 2020 22:59:22 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0
MIME-Version: 1.0
In-Reply-To: <21179.1595526609@localhost>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-US
X-Ovh-Tracer-Id: 7183804356546007064
X-VR-SPAMSTATE: OK
X-VR-SPAMSCORE: 0
X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgeduiedrkeeigdduheehucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecuqfggjfdpvefjgfevmfevgfenuceurghilhhouhhtmecuhedttdenucenucfjughrpefuvfhfhffkffgfgggjtgfgsehtkeertddtfeejnecuhfhrohhmpeflvghrohhmvgcuofgrrhhtihhnvgiiuceojhgvrhhomhgvsehmvgguihgrrghrvggrrdhnvghtqeenucggtffrrghtthgvrhhnpeekhfdvgfeuhffggefhfffhtdehfffhudeuveejtdfgjefgleelueejheetfffgjeenucffohhmrghinhepghhithhhuhgsrdgtohhmnecukfhppedtrddtrddtrddtpdeivddrudegjedrudelledrieelnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmohguvgepshhmthhpqdhouhhtpdhhvghlohepphhlrgihvghrjeeiuddrhhgrrdhovhhhrdhnvghtpdhinhgvtheptddrtddrtddrtddpmhgrihhlfhhrohhmpehjvghrohhmvgesmhgvughirggrrhgvrgdrnhgvthdprhgtphhtthhopegtvghllhgrrhesihgvthhfrdhorhhg
Archived-At: <https://mailarchive.ietf.org/arch/msg/cellar/XVidil8tTd7eNoGmTCQPOI_C-sA>
Subject: Re: [Cellar] Secdir last call review of draft-ietf-cellar-ffv1-16
X-BeenThere: cellar@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Codec Encoding for LossLess Archiving and Realtime transmission <cellar.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cellar>, <mailto:cellar-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cellar/>
List-Post: <mailto:cellar@ietf.org>
List-Help: <mailto:cellar-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cellar>, <mailto:cellar-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 09 Aug 2020 20:59:36 -0000

Hi,

On 23/07/2020 19:50, Michael Richardson wrote:
> Liang Xia via Datatracker <noreply@ietf.org> wrote:
>      > But about my one question, I have not seen any response or actions: "Issues for
>      > clarification: In Security Considerations, besides the DoS attacks brought by
>      > the malicious payloads, is there any other kinds of attack possibly? For
>      > example, virus or worm are hidden in the malicious payloads to attack the
>      > system for more damages? Does it make sense and what's the consideration?"
>
> Hi, thank you for the review comments.
> Aside from possible buffer-overflow attacks that would attempt to smash the
> stack of a process, none of the content carried in ffv1 is intended to be executable.
>
> A virus or worm hidden in the payload would be rendered as if it was visual
> data by normal software processing.
>
> Clearly, a malicious system could use the ffv1 format in an attempt to disquise
> itself, but that would take a co-consipirator to extract that content.

I second Michael on the lack of attack implying hidden content, as the 
expected output is only visual content.

I added a pull request on the spec for adding an explicit mention of the 
lack of content intended to be executed at 
https://github.com/FFmpeg/FFV1/pull/224 , in addition to fixes of issues 
found during last call review at https://github.com/FFmpeg/FFV1/pull/223

Jérôme