Re: [apps-discuss] Missing IANA Considerations for TFTP
Frank Ellermann <hmdmhdfmhdjmzdtjmzdtzktdkztdjz@gmail.com> Mon, 22 August 2011 08:52 UTC
Return-Path: <hmdmhdfmhdjmzdtjmzdtzktdkztdjz@gmail.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8768821F8AD8 for <apps-discuss@ietfa.amsl.com>; Mon, 22 Aug 2011 01:52:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.79
X-Spam-Level:
X-Spam-Status: No, score=-102.79 tagged_above=-999 required=5 tests=[AWL=0.309, BAYES_00=-2.599, FROM_LOCAL_NOVOWEL=0.5, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MicU2iIa9QgN for <apps-discuss@ietfa.amsl.com>; Mon, 22 Aug 2011 01:52:28 -0700 (PDT)
Received: from mail-pz0-f45.google.com (mail-pz0-f45.google.com [209.85.210.45]) by ietfa.amsl.com (Postfix) with ESMTP id D59AB21F8ACC for <apps-discuss@ietf.org>; Mon, 22 Aug 2011 01:52:28 -0700 (PDT)
Received: by pzk33 with SMTP id 33so16082491pzk.18 for <apps-discuss@ietf.org>; Mon, 22 Aug 2011 01:53:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=+YFKNF8lW9vNlnEcDZQTfOP5l2D/J6tH9VsjznLp5j4=; b=YFZX9L3cbb3cRR1qiPkbKsFKXZEQI8jwh6rFOvbF6v1kOvamCcednURJIMerKFVRz1 /maPezZ8LY85TA2a1X9Liz1DqcXYAj7/0XhRabP8hcrWbejfq3RiWBB4CjZ/ya918T28 iZng222yBMaKaUitEzCxxVsF/mcnwjBqiSAOs=
Received: by 10.142.44.15 with SMTP id r15mr1515380wfr.127.1314003213139; Mon, 22 Aug 2011 01:53:33 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.142.98.5 with HTTP; Mon, 22 Aug 2011 01:53:13 -0700 (PDT)
In-Reply-To: <2936C17968C3337AA978E4A4@localhost>
References: <4E50D21B.1070500@gmail.com> <CAHhFybpK-6n2v+zXzx5tC9h0YBL1mi8Q0OSVVkVa0ZDRULaWDQ@mail.gmail.com> <4E51D891.20609@gmail.com> <4E51F0B4.1020102@alvestrand.no> <2936C17968C3337AA978E4A4@localhost>
From: Frank Ellermann <hmdmhdfmhdjmzdtjmzdtzktdkztdjz@gmail.com>
Date: Mon, 22 Aug 2011 10:53:13 +0200
Message-ID: <CAHhFybo88Ojr35FHsLijZU2FC8NHgjHPHE3m4udETzuAfVCirg@mail.gmail.com>
To: John C Klensin <john-ietf@jck.com>
Content-Type: text/plain; charset="ISO-8859-1"
Cc: Harald Alvestrand <harald@alvestrand.no>, Apps-discuss list <apps-discuss@ietf.org>
Subject: Re: [apps-discuss] Missing IANA Considerations for TFTP
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Aug 2011 08:52:29 -0000
On 22 August 2011 09:27, John C Klensin wrote: > Historically, we rarely created IANA registries for protocol > options unless we expected an ongoing series of added options. Good. Creating obscure IANA registries and expert review lists before they are actually needed could be pointless, i.e., as long as all interesting protocol parameters can be found in one RFC. And expert review lists not more working after years when eventually somebody found something to register would be worse. > As an example, the FTP registry created by RFC 5797 arguably > should have been created when a formal extension mechanism was > established in RFC 3659 Only four of five stars, because RFC 5797 does not mention the registry URL. But the RFC 3659 registry is a dubious example: <URL:http://www.iana.org/assignments/os-specific-parameters> > Because TFTP lacks even rudimentary, symbolic, security > mechanisms, it is unsuited for use on the public Internet. Maybe the TFTPS in the port registry was meant to improve it. When a modern BIOS offers a "net boot" it *is* talking about TFTP, or isn't it? I'm not planning to implement or test it. There is even a registered TFTP URI scheme in RFC 3617, and if I understand RFC 3617 correctly it tried to *deprecate* TFTP without actually doing it using pre STD 66 terminology. But I have an idea what happened, note to self, do not try to update cram-md5 by scram-md5, or rather, don't try this in the IETF. > If someone wanted to put in energy on TFTP today, I think > that energy would be better spent in a good security analysis > and set of recommendations as to how to use it safely. "Security" is some IETF stuff that is deprecated before I begin to grok what it was actually about, I try to avoid it unless it is a nice test case for an MD5 test suite: It can now emulate RFC 2777, did you ever wish to check NomCom random selections for the years before RFC 3797? <gd&r> -Frank
- [apps-discuss] Missing IANA Considerations for TF… Mykyta Yevstifeyev
- Re: [apps-discuss] Missing IANA Considerations fo… Frank Ellermann
- Re: [apps-discuss] Missing IANA Considerations fo… Mykyta Yevstifeyev
- Re: [apps-discuss] Missing IANA Considerations fo… Harald Alvestrand
- Re: [apps-discuss] Missing IANA Considerations fo… John C Klensin
- Re: [apps-discuss] Missing IANA Considerations fo… t.petch
- Re: [apps-discuss] Missing IANA Considerations fo… Frank Ellermann