IETF Logo Mail Archive

Re: [apps-discuss] Working Group Last Call on draft-ietf-appsawg-multipart-form-data

Ned Freed <ned.freed@mrochek.com> Thu, 06 November 2014 16:32 UTC

Return-Path: <ned.freed@mrochek.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7FBDB1A8850 for <apps-discuss@ietfa.amsl.com>; Thu, 6 Nov 2014 08:32:33 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.596
X-Spam-Level:
X-Spam-Status: No, score=-2.596 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RP_MATCHES_RCVD=-0.594, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FXnH44WC1gJs for <apps-discuss@ietfa.amsl.com>; Thu, 6 Nov 2014 08:32:32 -0800 (PST)
Received: from mauve.mrochek.com (mauve.mrochek.com [66.159.242.17]) by ietfa.amsl.com (Postfix) with ESMTP id 08D221A884C for <apps-discuss@ietf.org>; Thu, 6 Nov 2014 08:32:32 -0800 (PST)
Received: from dkim-sign.mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01PEMGZ7QII80052L8@mauve.mrochek.com> for apps-discuss@ietf.org; Thu, 6 Nov 2014 08:27:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mrochek.com; s=mauve; t=1415291250; bh=+VcjkDUL41FV4rQxNX5rkpwurOeRC9Sbyw6bt8PTs2c=; h=Cc:Date:From:Subject:In-reply-to:References:To; b=NAay0uY6tk9SOId7BKtS5q2c2jKG4BOQ/VRQLwq1YZs58jMlCGP9LC9VCYMCgHQWP 6TjMWi1vMxAfmk4YPnLtgSlfC7rfyZHIBs3ftBPsOjNdn52HQ3G0iyVzb6Z8QTfkk7 Dv7O5bHxPOa2pgKg2yUTMRDGBLSS/plH1479RXEk=
MIME-version: 1.0
Content-transfer-encoding: 7bit
Content-type: TEXT/PLAIN; CHARSET="US-ASCII"
Received: from mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01PEKZE5Z31C003WE3@mauve.mrochek.com>; Thu, 06 Nov 2014 08:27:27 -0800 (PST)
Message-id: <01PEMGZ6AW9C003WE3@mauve.mrochek.com>
Date: Thu, 06 Nov 2014 08:02:05 -0800
From: Ned Freed <ned.freed@mrochek.com>
In-reply-to: "Your message dated Thu, 06 Nov 2014 14:28:21 +0000" <3D8DFE75-8015-4CA2-BF2B-8B62C9E450B5@ericsson.com>
References: <CAL0qLwZfyh6KGb9HwSjmTV0UTCrGUR+syOugPD72z81Auy8hrg@mail.gmail.com> <CAL0qLwbY7gfGaTL50K4w1LVxH_3n203aVaXuGUJkHeWhk2D+Ew@mail.gmail.com> <CAL0qLwZaSCLRBDb0-j7qQqdYrZhsZEWwPtFdCK4xL9GftVyC9Q@mail.gmail.com> <A94938DD-E160-41F7-A91D-46280DF1D9F9@ericsson.com> <CAL0qLwZbk+tnCF0x=pRPdocuhc-zsr0dq5of3vE=qhyyHFXrQA@mail.gmail.com> <3D8DFE75-8015-4CA2-BF2B-8B62C9E450B5@ericsson.com>
To: Salvatore Loreto <salvatore.loreto@ericsson.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/apps-discuss/jpzPOptdNuGbiMMzLQRltEIs4e0
Cc: IETF Apps Discuss <apps-discuss@ietf.org>
Subject: Re: [apps-discuss] Working Group Last Call on draft-ietf-appsawg-multipart-form-data
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss/>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Nov 2014 16:32:33 -0000

> I am acting as shepherd for the appsawg-mutlipart-form-data

> The wg lc for this draft has been issued on September 16, but since then nobody has sent
> any comment/feedback to the list.

> We really need people reviewing this document and providing their feedback
> in order to determine if there is or not working group consensus to be publish this draft.

A few comments.

The wording in section 5.1 is a little odd. Quotes are only required
around parameter values when a tspecial character is present. But the way
this section is worded makes it sound like parameters always have to be
quoted and systems that emit an unquoted parameter are doing something
that's at a minimum wierd if not downright incorrect. I don't have
alternate wording to suggest, but some clarification would be good.

I question the need to reference RFC 1806 in section 5.2. RFC 2183  is the
standards-track specification of content-disposition which replaced the
experimental RFC 1806. (OTOH, the documents say that RFC 2183 updates RFC 1806;
I don't understand why it didn't obsolete it. So maybe there's some need to
reference it...)

Section 5.2 makes use of the content-disposition "name" parameter. When I
checked the IANA registry for this parameter
(http://www.iana.org/assignments/cont-disp/cont-disp.xhtml#cont-disp-2) I
noticed something odd: The parameter is supposedly defined in RFC 2388, which
is the earlier version of this document. Moreover, RFC 2388 just talks about
the parameter, it doesn't actually say it registers it.

I suggest adding appropriate registration text to the IANA Considerations
section and updating the registry to point to this document.

Section 5.9 talks about what MIME fields are supported in form data parts,
but doesn't go so far as to say they MUST NOT be present. It might be
a good thing to clarify whether they are simply ignored if present or whether
they might actually screw things up if you include them.

Section 8 and/or the security considerations in section 9 probably should
say something about privacy and integirty protection for form data.

All media types are supposed to state whether or not they involve executable
content, so this needs to be mentioned in section 9.

That's it.

				Ned

v2.23.0 | Report a Bug | By Email