On Thu, Aug 11, 2022 at 4:39 PM Tero Kivinen via Datatracker <noreply@xxxxxxxx> wrote:
>
> Reviewer: Tero Kivinen
> Review result: Has Issues
>
> I have reviewed this document as part of the security directorate's ongoing
> effort to review all IETF documents being processed by the IESG. These
> comments were written primarily for the benefit of the security area directors.
> Document editors and WG chairs should treat these comments just like any other
> last call comments.
>
> In my previous review I listed lots of new possible security concerns that might
> apply to graphic libraries, and those were added to the security considerations
> section, but what was left out was the text I proposed to say that current
> graphics file format libraries have a very important role in security, as
> so many applications take images from untrusted sources and show them
> on the screen, so writing graphics format libraries should require similar
> security-sensitive programming methods to cryptographic libraries etc.
>

Thank you for clarifying, Tero. I missed that suggestion when making the update in v05.

> I think adding text in the security considerations section warning stating
> something like this might be needed:
>
> As graphics file format libraries are used in so many places and used in
> ways where they often take inputs from unknown and perhaps unsafe sources,
> and where there can be severe security issues both on clients (web
> browsers, email clients) and servers (for example when automatically
> converting uploaded images from one format to another format on servers),
> the implementations of the graphic file format libraries need to be
> written in a way that considers security as one of the primary goals of
> the library, perhaps even before the speed of the decompression or the
> compression efficiency of the generated file.
>

I've made this change locally, with some light edits.

--
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call