The IESG has approved the following document: - 'The application/smil and application/smil+xml Media Types ' <draft-hoschka-smil-media-type-12.txt> as an Informational RFC This document has been reviewed in the IETF but is not the product of an IETF Working Group. The IESG contact person is Ted Hardie. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-hoschka-smil-media-type-12.txt Technical Summary This document registers application/smil and application/smil+xml media types. I Working Group Summary This document is not the product of an IETF working group, but was considered by the World Wide Web Consortium as part of its processes. SMIL 2.0 is currently a W3C Recommendation. Protocol Quality The document was reviewed for the IESG by Ted Hardie. Note to RFC Editor Please add a new Section 6, as follows and renumber. Security considerations SMIL documents contain a construct that allows "infinite loops". This is indispensable for a multimedia format. However, SMIL clients should foresee provisions such as a "stop" button that lets users interrupt such an "infinite loop". As with HTML, SMIL documents contain links to other media (images,sounds, videos, text, ...) and those links are typically followed automatically by software, resulting in the transfer of files without the explicit request of the user for each one. The security considerations of each linked file are those of the individual registered types. The SMIL language contains "switch" elements. SMIL provides no mechanism that assures the media objects contained in a "switch" element provide equivalent information. An author, knowing that one SMIL player will display one alternative of a "switch" and another will display a different part, can put different information in the two parts. While there are legitimate use cases for this, this also gives rise to a security consideration: The author can fool viewers into thinking that the same information was displayed when in fact it was not. In addition, all of the security considerations of RFC3023 also apply to SMIL. _______________________________________________ IETF-Announce@ietf.org https://www1.ietf.org/mailman/listinfo/ietf-announce