Re: [apps-discuss] Review of draft-ietf-appsawg-file-scheme

Matthew Kerwin <matthew@kerwin.net.au> Fri, 15 April 2016 07:10 UTC

Return-Path: <phluid61@gmail.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D162612D806; Fri, 15 Apr 2016 00:10:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.149
X-Spam-Level:
X-Spam-Status: No, score=-2.149 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FORGED_FROMDOMAIN=0.199, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1VARQNUESFko; Fri, 15 Apr 2016 00:10:28 -0700 (PDT)
Received: from mail-io0-x22b.google.com (mail-io0-x22b.google.com [IPv6:2607:f8b0:4001:c06::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0EB7612DBFB; Fri, 15 Apr 2016 00:10:15 -0700 (PDT)
Received: by mail-io0-x22b.google.com with SMTP id 2so126926194ioy.1; Fri, 15 Apr 2016 00:10:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc; bh=U+HU7AA5Kbjb3I9o1TI/6KnQC3KmiT1wUlr6tI4yEc8=; b=irLN9rnPgZGlBijNCF+Rv+nd3/SbJ93+0+v/MR+gCi60dz5Rz29CJt4f2mLsVinKV8 yji+EXlgMhOhUdHd8J2PnWHwdHr+XKBNlbou3ni19SeLZXK4w65yphQUq2Tpstyk+bg9 xYagqbS1NU3hyqLsk0a0Q+sGc2BkG65dglT37sIHxLd145Hcwp8t5qLPsXe2uixqhlMW kdutojH0Eekb0+jiiqNSJJryNvHTr8AII43YYnSCGclxqmnT5WNp1Nk5ya/pt4ugznJp R/A2SQpqGCuEO9b+PTBP00u6Xh6uiau9lZoAbeaYW64fkEEN2gOAT2lnLzTSKPGHhiBX RyRg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:date :message-id:subject:from:to:cc; bh=U+HU7AA5Kbjb3I9o1TI/6KnQC3KmiT1wUlr6tI4yEc8=; b=CplDIBiigzYKQ7FyG3BZHQZyPRAdip4X3iifp5ZytlVJBAH9QZbdtYD5Fg9at/DdJe wK7gvPwzpv5HHlL98Fme3b7px3uizO4FZRGL1D1FjpoczHlXYQeFR5+pA2hZ6idxlQ/f ueak8Z9JyGCQY8VwAF2Kyq8bBbAztfQnimnQHRKae6N98pyD4u5Eh01JLKTUzQ8MwKiW 6gixMEGyooBuZOKKoVti6PdjHDG50cPaxKl4zTlLcCYio1mJT9B1XuEidyso8d1QI4xj MRNILmNEwSRshlbB+unfb8EvJsd5PMKCbXbFsmM3JwMNLOBPWMAOSV9+PMjddaXPeF5a aMPA==
X-Gm-Message-State: AOPr4FWg4BSzz0JAdzhJLHHl7YzoXl1RkZ1UezC5hfdIm2uQYLkl5e/Blc+UkS8n6WVRoTVJj5amVUYy9bidKA==
MIME-Version: 1.0
X-Received: by 10.107.15.159 with SMTP id 31mr20345189iop.3.1460704214274; Fri, 15 Apr 2016 00:10:14 -0700 (PDT)
Sender: phluid61@gmail.com
Received: by 10.107.166.78 with HTTP; Fri, 15 Apr 2016 00:10:14 -0700 (PDT)
In-Reply-To: <570E2510.4040408@ninebynine.org>
References: <570D4C99.1030405@dcrocker.net> <CACweHND-OX+5okkJ+oE=6UN84x+CFtPBpMnU8HqaPbgQgJ_oWA@mail.gmail.com> <570E2510.4040408@ninebynine.org>
Date: Fri, 15 Apr 2016 17:10:14 +1000
X-Google-Sender-Auth: cixo86svRJR24LQ7fOteQ_4NjN0
Message-ID: <CACweHNCLS+QU2QveqYjkuPnDybbm-dtX9qQPsO4tTkgUoc5QYg@mail.gmail.com>
From: Matthew Kerwin <matthew@kerwin.net.au>
To: Graham Klyne <gk@ninebynine.org>
Content-Type: multipart/alternative; boundary=001a113ee868d07ac7053080b39c
Archived-At: <http://mailarchive.ietf.org/arch/msg/apps-discuss/UBomhwO07Gq5TAd34RYjRAyhUos>
Cc: draft-ietf-appsawg-file-scheme@ietf.org, Dave Crocker <dcrocker@bbiw.net>, Apps Discuss <apps-discuss@ietf.org>
Subject: Re: [apps-discuss] Review of draft-ietf-appsawg-file-scheme
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/apps-discuss/>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Apr 2016 07:10:30 -0000

On 13 April 2016 at 20:53, Graham Klyne <gk@ninebynine.org> wrote:

> ​​
>
> (Local interpretation may not be, but I'd suggest that's a local
> implementation issue.  At most, make a note as a local handling issue in
> the appendices? Hmmm... are there any security considerations here that
> should be flagged - relating to possible unexpected aliasing from case-only
> differences between files.)
>
>
I think the talk about case-sensitivity is worthwhile keeping inline, even
if it's touching on system-specific issues.

Regarding security considerations, I've added some tentative hand-waving:

""
Some file systems have case-sensitive file naming and some do not.
Care must (?) be taken to avoid issues resulting from possibly
unexpected aliasing from case-only differences between file paths or
URIs.
""

I'm open to suggestions for improvement (or deletion.)

Cheers
-- 
  Matthew Kerwin
  http://matthew.kerwin.net.au/