Reviewer: Mohit Sethi
Review result: Ready

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last-call comments.

This document defines multimedia container tags for Matroska files, which carry multimedia data. Standardizing these tags allows applications to process and act on them uniformly. This draft is certainly not in my area of expertise but it was interesting to read and learn about something new. 

The primary security concerns stem from the parsing of various tag fields, which is an inherent risk in any scenario involving the processing of external structured data. Without proper input validation and robust error handling, processing malformed data could lead to vulnerabilities. For this, the draft primarily points to the security considerations of RFC 9559 (Matroska Media Container Format Specification) and RFC 8794 (Extensible Binary Meta Language). The draft also correctly notes that nesting of tags could be exploited with very deep nesting to exhaust memory of the entity parsing the tag fields.

It is not common for drafts to justify the rationale for standardizing as is done in section 3.1 of this draft. I like it.

Preventing multiple items from being stored as a single list is not the most storage optimal? Perhaps document the justification for enforcing multiple SimpleTags with the different values instead of a list?