[payload] Stephen Farrell's Discuss on draft-ietf-payload-rtp-h265-14: (with DISCUSS and COMMENT)
"Stephen Farrell" <stephen.farrell@cs.tcd.ie> Tue, 01 September 2015 12:49 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: payload@ietfa.amsl.com
Delivered-To: payload@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 616751B530B; Tue, 1 Sep 2015 05:49:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XEW-6v2npqBw; Tue, 1 Sep 2015 05:49:47 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id BB27C1B2F19; Tue, 1 Sep 2015 05:49:47 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: The IESG <iesg@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.4.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20150901124947.6862.19178.idtracker@ietfa.amsl.com>
Date: Tue, 01 Sep 2015 05:49:47 -0700
Archived-At: <http://mailarchive.ietf.org/arch/msg/payload/wZT76un2H1kYnNOjLCksmlr1wf4>
Cc: payload-chairs@ietf.org, payload@ietf.org, draft-ietf-payload-rtp-h265@ietf.org
Subject: [payload] Stephen Farrell's Discuss on draft-ietf-payload-rtp-h265-14: (with DISCUSS and COMMENT)
X-BeenThere: payload@ietf.org
X-Mailman-Version: 2.1.15
List-Id: Audio/Video Transport Payloads working group discussion list <payload.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/payload>, <mailto:payload-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/payload/>
List-Post: <mailto:payload@ietf.org>
List-Help: <mailto:payload-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/payload>, <mailto:payload-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Sep 2015 12:49:49 -0000
Stephen Farrell has entered the following ballot position for draft-ietf-payload-rtp-h265-14: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-payload-rtp-h265/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- (1) For a 99 page detailed specification, the security considerations are tremendously brief. There are two non-boilerplate paragraphs - one says developers "MUST exercise caution" (meaning what precisely?) and the other extolls the virtues of not encrypting. For a 99 page specification of a highly non-trivial encoding scheme, I would have expected to see the results of a better analysis. Was that analysis done? That should at least include consideration of the CVEs already published relating to H.264 [1] which include 34 CVEs relating to various kinds of remote-code-execution and DoS. If the authors here are asserting that this presumably more complex codec will have few vulnerabilities, then I would welcome seeing the justification for that statement. (Note: In some cases with payload drafts, authors can fairly claim that the I-D does not describe the payload in detail and hence that the security considerations text need not be comprehensive as implementers are expected to find that elsewhere. In this case, the 99 pages strongly argues otherwise IMO - there are plenty of ways to go badly wrong implementing what is stated in this draft.) To summarise: "MUST exercise caution" is not useful, can't you translate that into actionable advice to an implementer based on experience with security issues found with this and similar codecs? [1] https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=h.264 (2) This is just a process nit probably. The shepherd write-up doesn't mention the Nokia IPR declaration. Were the WG also ok with that one? The write-up seems to pre-date that latest IPR declaration, which is from a company that seems to employ one of the authors. That is odd timing really so can someone explain the sequence of events and why all is well? ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- - General: I was puzzled as to why there is so much text that is presumably non-normative explanatory text covering what is elsewehere in (I guess) ITU documents. It seems like there is a lot, but not enough, here for an implementer. - 4.1: " The assignment of an RTP payload type for this new packet format is outside the scope of this document and will not be specified here. " Huh? That's confusing. For me at least. - p75 - why would md5 ever be most-preferred these days? Better to not say that, even in an example. Even better would be to deprecate md5 even for this non-security purpose to simplify code-audit. Or, if there is some reason why e.g. sha256 isn't suited then explaining that would also help for code-audits.
- [payload] Stephen Farrell's Discuss on draft-ietf… Stephen Farrell
- Re: [payload] Stephen Farrell's Discuss on draft-… Ben Campbell
- Re: [payload] Stephen Farrell's Discuss on draft-… Wang, Ye-Kui
- Re: [payload] Stephen Farrell's Discuss on draft-… Ben Campbell
- Re: [payload] Stephen Farrell's Discuss on draft-… Ben Campbell
- Re: [payload] Stephen Farrell's Discuss on draft-… Wang, Ye-Kui
- Re: [payload] Stephen Farrell's Discuss on draft-… Stephan Wenger
- Re: [payload] Stephen Farrell's Discuss on draft-… Ben Campbell
- Re: [payload] Stephen Farrell's Discuss on draft-… Roni Even
- Re: [payload] Stephen Farrell's Discuss on draft-… Stephan Wenger
- Re: [payload] Stephen Farrell's Discuss on draft-… Ben Campbell
- Re: [payload] Stephen Farrell's Discuss on draft-… Stephen Farrell