Re: [apps-discuss] Review of draft-ietf-appsawg-file-scheme

Matthew Kerwin <matthew@kerwin.net.au> Sat, 07 May 2016 07:54 UTC

Return-Path: <phluid61@gmail.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A2E7112D0E2; Sat, 7 May 2016 00:54:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.149
X-Spam-Level:
X-Spam-Status: No, score=-2.149 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FORGED_FROMDOMAIN=0.199, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xFCshKsJHBey; Sat, 7 May 2016 00:54:06 -0700 (PDT)
Received: from mail-ig0-x22b.google.com (mail-ig0-x22b.google.com [IPv6:2607:f8b0:4001:c05::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8F49912B065; Sat, 7 May 2016 00:54:06 -0700 (PDT)
Received: by mail-ig0-x22b.google.com with SMTP id u10so65499141igr.1; Sat, 07 May 2016 00:54:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc; bh=AWD66+3NWp5LwhJDUokXabHMR2ZjbXQwEqympPQcMiY=; b=OQv/o8y1mfdDiLXyKNT5aIXvmhhDM+W0JNMqGtZvnMgNtmsaSwjd0qpsoeZMv6MKxh bpOLWfeoIDLKdGFW2U4HxmOqCN4aF87VPZLpujdKg1BofSBN7zadNFDKhhozu6eCzjKl 0xwmglXhm1f5u8bbQtQnT/mrjVfcB6i614RxLfS+kW5Iwz9U/9HGiyDBKYt2YWDKfZys 5STtF1VvJHZBZqbDdWJJrRo2joxx+XOHVHvwVeb/P7CKtBhuGC2txq/9Ch2fF1l1clhQ wBp7En4cDsbQJ0noqr/6ciFB2I15yATBmQEozXHm7Cs9Ti0Pe2+SCJusb5DHeLb922wG Wbrg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:date :message-id:subject:from:to:cc; bh=AWD66+3NWp5LwhJDUokXabHMR2ZjbXQwEqympPQcMiY=; b=Gm5bBWRUZFiGU/+jAll2OqoTLib36ZcFzzRYShSfFBdQh67IKOGsKLppPlQgWciDP3 ZhkZsKVveb97hSh+WNTwZhYgtCWGLwczd/DRgqBl+j10pu4JzZiiHvUKRE1ttGW2jaT6 kON0FrIwxwfpuM/zdWcoAVw2UwidMWVPWRt1FphjqwuAqdSIJkN/NnXwwUTyVPYUecCy tXQVmYv4FW9BKZFT2vn+6vGGilf8w/Pln4ngnxm5DBpsYe4yL06kZy1CJJs6VMT08n2N baTAGtmdyPQvXJjhUfY31488kI+dAXYhFZSOB4OZK7zZkASQtPmTzy9ycbn70hgNtXGK XZxQ==
X-Gm-Message-State: AOPr4FU1njjskctlWABDY3SXRcdaLkq+Uj4yu2gJOH30jlww7OkJjbZS5hYxmugRR2I4VucxZu3hWpwQGoviSA==
MIME-Version: 1.0
X-Received: by 10.50.29.39 with SMTP id g7mr1034742igh.50.1462607645991; Sat, 07 May 2016 00:54:05 -0700 (PDT)
Sender: phluid61@gmail.com
Received: by 10.107.138.230 with HTTP; Sat, 7 May 2016 00:54:05 -0700 (PDT)
Received: by 10.107.138.230 with HTTP; Sat, 7 May 2016 00:54:05 -0700 (PDT)
In-Reply-To: <5710953E.5040505@gmx.de>
References: <570D4C99.1030405@dcrocker.net> <CACweHND-OX+5okkJ+oE=6UN84x+CFtPBpMnU8HqaPbgQgJ_oWA@mail.gmail.com> <570E2510.4040408@ninebynine.org> <CACweHNCLS+QU2QveqYjkuPnDybbm-dtX9qQPsO4tTkgUoc5QYg@mail.gmail.com> <5710953E.5040505@gmx.de>
Date: Sat, 7 May 2016 17:54:05 +1000
X-Google-Sender-Auth: XQ37J1jZuCWGZGywSRxpRwu0-zQ
Message-ID: <CACweHNDuDnP4P-4suUaFpS0OX-CbAYxn39jsZ3O_s-KYn=qbKw@mail.gmail.com>
From: Matthew Kerwin <matthew@kerwin.net.au>
To: Julian Reschke <julian.reschke@gmx.de>
Content-Type: multipart/alternative; boundary=047d7bd758cc2f68a905323be1e6
Archived-At: <http://mailarchive.ietf.org/arch/msg/apps-discuss/HQ3cBLXax_d6mPHYKjIYbPJzHXE>
Cc: IETF Apps Discuss <apps-discuss@ietf.org>, draft-ietf-appsawg-file-scheme@ietf.org
Subject: Re: [apps-discuss] Review of draft-ietf-appsawg-file-scheme
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/apps-discuss/>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 07 May 2016 07:54:09 -0000

Hi again everyone, sorry for the dead air. I've been trying to work on
these last open comments but am not really sure how tp address them.

On 15/04/2016 5:17 PM, "Julian Reschke" <julian.reschke@gmx.de> wrote:
>
> On 2016-04-15 09:10, Matthew Kerwin wrote:
>>
>>
>> Regarding security considerations, I've added some tentative hand-waving:
>>
>> ""
>> Some file systems have case-sensitive file naming and some do not.
>> Care must (?) be taken to avoid issues resulting from possibly
>> unexpected aliasing from case-only differences between file paths or
>> URIs.
>> ""
>>
>> I'm open to suggestions for improvement (or deletion.)
>
>
> case-insensitive (DOS?) < case-preserving (NTFS) < case-sensitive (others)
>
> ...so maybe mention all the three cases.
>

A case-based typo in a case-sensitive system gives an unwanted 404; an
intentional difference in a case-insensitive system gives an unwanted 200.
Case preservation doesn't really add anything to the issue, does it?

> Best regards, Julian
>
> PS: it might also be good to touch Unicode normalization forms...
>

How's this?

""
Care must be taken to avoid issues resulting from aliasing from mismatched
encodings or Unicode equivalences.
""

Cheers