Re: [Cellar] Roman Danyliw's Discuss on draft-ietf-cellar-matroska-18: (with DISCUSS and COMMENT)
Steve Lhomme <slhomme@matroska.org> Sat, 12 August 2023 11:54 UTC
Return-Path: <slhomme@matroska.org>
X-Original-To: cellar@ietfa.amsl.com
Delivered-To: cellar@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E23FEC14CE53 for <cellar@ietfa.amsl.com>; Sat, 12 Aug 2023 04:54:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.904
X-Spam-Level:
X-Spam-Status: No, score=-1.904 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=matroska-org.20221208.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u3eQj-NZeKco for <cellar@ietfa.amsl.com>; Sat, 12 Aug 2023 04:54:54 -0700 (PDT)
Received: from mail-wm1-x329.google.com (mail-wm1-x329.google.com [IPv6:2a00:1450:4864:20::329]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 24AFBC15106D for <cellar@ietf.org>; Sat, 12 Aug 2023 04:54:53 -0700 (PDT)
Received: by mail-wm1-x329.google.com with SMTP id 5b1f17b1804b1-3fe1d9a8ec6so22303065e9.1 for <cellar@ietf.org>; Sat, 12 Aug 2023 04:54:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=matroska-org.20221208.gappssmtp.com; s=20221208; t=1691841291; x=1692446091; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:from:to:cc:subject:date:message-id:reply-to; bh=vgJ0xgXLFSakmlqyvxsLqRa4vBWE4fV1ZA5lCvOoSIU=; b=ACaMUBppdOLajrkTKPxPYWGfinjLNxmX1mPvNNwYf9npzJB+xCBczqrtLpw3xCcNGE eimhjK/m57idPZTPbC6au4jngqoPKP8ustYhJeN9EIyOTIpYbMcExHh2kms9dwKzWKwp c4gvNjTJQl884ObuxDoOn1/1fn7bWPC34Gag9D1tbH5BycggrqfN2HzKQ0gBsynsnxTi V5fc8CONycSgQaa0u3WTbE81oL/48xCFlvJIexFmE3BW7fDgjKzE8SsqNl0FwMu9COiK oQL0onyjjnL0YTtvHGFG7mNoC6j+bjIyGcHBB2+cJDmp9svWPKyWgYzGFc/eULNbCagZ qTtQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1691841291; x=1692446091; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=vgJ0xgXLFSakmlqyvxsLqRa4vBWE4fV1ZA5lCvOoSIU=; b=J7jnij9JGHp/g66y4dDdTzG39cILS2Oqga4KX9DLjVisrnbuAdFLogloT2BmtWacgJ r/0pijLgJfL7Jya389IhdRTjnQqNl4Tjl7pnNEcj6vrDxRJwk04uv2rbNC++PwO14nX8 SkZrtl+wouGxPUYRvXtHFe5437yc7M/5JpBcJ44nLcjRHg8c8uRAf7r+irAmcQfFaGlY 79J3iR+spb5PGQNG9847zk1TBDlXvUi1eH2DDGE7JT3FIRiPzXXDE3bYEku6KsnLL2B1 FZN2VKelEpudVgQ0mV6W8cIPiO86YbGO+scOwV9TwJ+7KH07kpfTMjD1qrrOqpdaUZF8 a7jw==
X-Gm-Message-State: AOJu0Yy4gPxuqrNbOSDnbJx8JbKIuMUfEtOoAKjoiB3TaM0eK22COJAH voA66HMJzmFK3JtmdRX3QopRxQ==
X-Google-Smtp-Source: AGHT+IFTQ30vCIla4eS8OD9N5wLRunJmDtnYepBYXZtTaxpCZ021n7Wi3ULi/2ZuyMPPtDoKREhYrw==
X-Received: by 2002:a05:600c:b99:b0:3fa:88b4:bff3 with SMTP id fl25-20020a05600c0b9900b003fa88b4bff3mr6177604wmb.11.1691841291156; Sat, 12 Aug 2023 04:54:51 -0700 (PDT)
Received: from smtpclient.apple (2a01cb0c0020e900b0b666e8617ff077.ipv6.abo.wanadoo.fr. [2a01:cb0c:20:e900:b0b6:66e8:617f:f077]) by smtp.gmail.com with ESMTPSA id v9-20020a5d6b09000000b0031759e6b43fsm8390538wrw.39.2023.08.12.04.54.50 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sat, 12 Aug 2023 04:54:50 -0700 (PDT)
From: Steve Lhomme <slhomme@matroska.org>
Message-Id: <FAB318CA-9E8F-4664-AC67-8EB29E8D1587@matroska.org>
Content-Type: multipart/alternative; boundary="Apple-Mail=_4A3325A8-2E63-4582-AB33-A61CC1A7A9E9"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.700.6\))
Date: Sat, 12 Aug 2023 13:54:39 +0200
In-Reply-To: <994BBF57-8B9C-4D3F-8F36-895025543131@matroska.org>
Cc: The IESG <iesg@ietf.org>, draft-ietf-cellar-matroska@ietf.org, cellar-chairs@ietf.org, Codec Encoding for LossLess Archiving and Realtime transmission <cellar@ietf.org>, Michael Richardson <mcr+ietf@sandelman.ca>
To: Roman Danyliw <rdd@cert.org>
References: <169023457125.6621.17494431568319622884@ietfa.amsl.com> <3C91722A-7BF5-481B-AC7E-0D8ADC8A5F2B@matroska.org> <994BBF57-8B9C-4D3F-8F36-895025543131@matroska.org>
X-Mailer: Apple Mail (2.3731.700.6)
Archived-At: <https://mailarchive.ietf.org/arch/msg/cellar/gsOcgQCMueH9_i3xvq1Q-DePTNA>
Subject: Re: [Cellar] Roman Danyliw's Discuss on draft-ietf-cellar-matroska-18: (with DISCUSS and COMMENT)
X-BeenThere: cellar@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Codec Encoding for LossLess Archiving and Realtime transmission <cellar.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cellar>, <mailto:cellar-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cellar/>
List-Post: <mailto:cellar@ietf.org>
List-Help: <mailto:cellar-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cellar>, <mailto:cellar-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 12 Aug 2023 11:54:58 -0000
Hi everyone, The Pull Request has been merged with all the changes, plus additional wording fixes. This is now in version 19 of the draft: https://datatracker.ietf.org/doc/draft-ietf-cellar-matroska/19/ Steve > On 5 Aug 2023, at 13:09, Steve Lhomme <slhomme@matroska.org> wrote: > > Hi Roman, > >> On 30 Jul 2023, at 14:41, Steve Lhomme <slhomme@matroska.org> wrote: >> >>> [Per -16] >>>> ** Section 5.1.4.1.31.10. ContentEncKeyID Element. >>>> definition: For public key algorithms this is the ID of the public >>>> key the the data was encrypted with. >>>> >>>> The descriptive text is suggesting that the ID to a public key if public key >>>> algorithms are described. However, Table 26 only lists symmetric algorithms. >>>> How is this key ID used? >>> >>> I didn’t receive a response to this feedback. Even recognizing that the >>> security solution is out-of-scope, this text is inconsistent with existing text >>> as described above. Is the public key solution a KEK? >> >> I had to lookup what a KEK is. I think the important naming here is ContentEncKeyID. It does not say it’s public or just a generic key. We could just remove the word “public” from the text. >> >>> There is related text in Section 14 which references public keys which should >>> be harmonized. Specifically: >>> >>> For encryption systems sharing public/private keys, the creation of >>> the keys and the exchange of keys are not covered by this document. >>> They have to be handled by the system using Matroska. > > A bit more on this. I did my own research and found out about Key IDs in the Encrypted Media Extension [1]. As the name suggests, it’s not an actual key but an ID the host app has to interpret. > However for asymmetric encryption algorithms, ie that use a public key, it may usually be preferred to share the public key rather than an ID. For symmetric algorithms the key must not be in the file, that’s why it’s using an ID that both sides must understand. > > None of the algorithms in ContentEncAlgo are asymmetric ones. So for now we don’t support asymmetric encryption. If that ever happens we’ll need to define where the public key goes. IMO it could be ContentEncKeyID if the key is not in the file. And it should be a different element if the key is in the file. > >>>> ** Section 5.1.4.1.31.*. AES and associated modes (CTR and CBC) are named. >>>> What is the key size? Is it AES-128 (?) or -256. [WebM-Enc] references in >>>> Section 14 suggests it is 128. Please be explicit. >>> >>> Please explicitly say that some of the algorithms described in Table 26 support >>> different modes of operations and key sizes. The specification of these >>> parameters is required for a complete solution, but is out of scope of this >>> document and left to the propriety implementations using them or subsequent >>> profiles of this document. >> >> Isn’t the key stored in ContentEncKeyID ? If so the size of the key is the size of the data in the element. It doesn’t need to be written somewhere else. >> So if your system only supports AES-256 but ContentEncKeyID only has 16 octets (128 bits) then you don’t support it. >> >> The WebM spec also doesn’t mention it but it’s implied by the elements necessary to support their encryption system. > > OK, now I understand we do not put any actual key in the Matroska files. So we can’t deduce the key size from our element. > > I added your text suggestion in the Pull Request [2] > > [1] https://www.w3.org/TR/encrypted-media/ > [2] https://github.com/ietf-wg-cellar/matroska-specification/pull/797
- [Cellar] Roman Danyliw's Discuss on draft-ietf-ce… Roman Danyliw via Datatracker
- Re: [Cellar] Roman Danyliw's Discuss on draft-iet… Steve Lhomme
- Re: [Cellar] Roman Danyliw's Discuss on draft-iet… Steve Lhomme
- Re: [Cellar] Roman Danyliw's Discuss on draft-iet… Steve Lhomme
- Re: [Cellar] Roman Danyliw's Discuss on draft-iet… Roman Danyliw