IETF Logo Mail Archive

Re: [apps-discuss] update to rfc5965

Dave Cridland <dave@cridland.net> Sun, 07 July 2013 15:31 UTC

Return-Path: <dave@cridland.net>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 30B9221F9F63 for <apps-discuss@ietfa.amsl.com>; Sun, 7 Jul 2013 08:31:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hpuS1gQT5Vwy for <apps-discuss@ietfa.amsl.com>; Sun, 7 Jul 2013 08:31:57 -0700 (PDT)
Received: from mail-qe0-x231.google.com (mail-qe0-x231.google.com [IPv6:2607:f8b0:400d:c02::231]) by ietfa.amsl.com (Postfix) with ESMTP id 6507321F9F59 for <apps-discuss@ietf.org>; Sun, 7 Jul 2013 08:31:56 -0700 (PDT)
Received: by mail-qe0-f49.google.com with SMTP id cz11so1869295qeb.8 for <apps-discuss@ietf.org>; Sun, 07 Jul 2013 08:31:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cridland.net; s=google; h=content-type:mime-version:in-reply-to:references:subject:x-mailer :date:message-id:from:to:cc; bh=4uiPjFGpD+ZY2sfYrlyI1AudZQVxLdkgRkNe0uRKiWU=; b=AWTZ7Yggw8Xaw/a5sckzIhqSpu+/5ejD9NtQE3LW+FAR9Lg0OSWHRbUwyXE4BHpSj4 aO+XSgSTkg8k80B4o+ZFlkBE1UiSKInGoFhybjXg6JeshhWX1Wb+RWkRPEGLorCTtmhv lMkbhw2W2eZAM//TjPLy8bnxDK8vzSdlsgNZE=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=content-type:mime-version:in-reply-to:references:subject:x-mailer :date:message-id:from:to:cc:x-gm-message-state; bh=4uiPjFGpD+ZY2sfYrlyI1AudZQVxLdkgRkNe0uRKiWU=; b=Vg7xSdgfbZS3swcw89jOhG1DbsTTDSuCyh5AV55R+z+xGUSSKKYRKvQ6cS4x63sbGK it08NzGYJTE5StysuGDksloz1FcQtBUX/byXLMZuOJoIdts8XpeSuZUyDbG+kWFAoffo MwvOmZLZ8UKJgYYZIdSmhGDSlA/78slIOmJrgaMP2BdkEGyTTd6mNWiPM3TnpUY0+/PO az2iRfSnZNXCrAvYqKNBVTsldiB8LaT1xQZXwtPCj90QUWkWTvTAXXp/wX5VzC7IGCE9 QMYwVDe1Lo2r5DKyiGym5K0nUJxn5oIyKOiovuXy+JD0L7XrX+gBSUMCbNFfuBJKCSFd qD/g==
X-Received: by 10.224.54.204 with SMTP id r12mr14570176qag.105.1373211116536; Sun, 07 Jul 2013 08:31:56 -0700 (PDT)
Received: from [192.168.56.1] (173-10-181-165-BusName-washingtonDC.hfc.comcastbusiness.net. [173.10.181.165]) by mx.google.com with ESMTPSA id r2sm10025566qeh.7.2013.07.07.08.31.55 for <multiple recipients> (version=TLSv1.1 cipher=RC4-SHA bits=128/128); Sun, 07 Jul 2013 08:31:55 -0700 (PDT)
Content-Type: multipart/alternative; boundary="===============0084585691=="
MIME-Version: 1.0
In-Reply-To: <CAL0qLwZaPrXhnCXcMPzE6gcif6akV2iKibvXPrqHREE0hXPFrg@mail.gmail.com>
References: <CAL0qLwZaPrXhnCXcMPzE6gcif6akV2iKibvXPrqHREE0hXPFrg@mail.gmail.com> <769743608.173673.1373148450418.JavaMail.zimbra@peachymango.org> <47488958.173803.1373149894362.JavaMail.zimbra@peachymango.org>
X-Mailer: Inky (TM) v1.0.51D7.5905 ("Epoch")
Date: Sun, 07 Jul 2013 15:31:56 -0000
Message-Id: <wW50zji0Cjq-qcVamEGefKY_jWvMFlBM9Ib9atm-pRAw1ZqYU@smtp.gmail.com>
From: Dave Cridland <dave@cridland.net>
To: "Murray S. Kucherawy" <superuser@gmail.com>
X-Gm-Message-State: ALoCoQn9tKJE5an2BozOVSZQccnU8cTgt59F5wFaBPy5RK1rGO4xQFCS3bFwsAW8GyUCBC24N5/h
Cc: IETF Apps Discuss <apps-discuss@ietf.org>
Subject: Re: [apps-discuss] update to rfc5965
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Jul 2013 15:31:59 -0000

Murray S. Kucherawy wrote:





It strikes me that putting a specific password in a standards document
is unlikely to fly.  It might be better to include a new media type
parameter to indicate the password used to create the encrypted form.


I would worry that the same problem Franck's trying to workaround here
would resurface. That is, scanners would read "inside" the ZIP. Of
course, maybe they would anyway with a specific media type and a known
password.

I don't think that a fixed password in this instance is wrong, given
the purpose of the encryption is not actually to encrypt, per-se.

I have to wonder if there's an alternative, like a media type that is
itself defined as base64 encoded, but I note Franck's statement that a
ZIP with a known password is the deployed workaround; standardizing
this running code seems like the simplest option.

Dave.

v2.23.0 | Report a Bug | By Email