IETF Logo Mail Archive

Re: [apps-discuss] update to rfc5965

Ned Freed <ned.freed@mrochek.com> Mon, 08 July 2013 00:43 UTC

Return-Path: <ned.freed@mrochek.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 475F311E8121 for <apps-discuss@ietfa.amsl.com>; Sun, 7 Jul 2013 17:43:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2Ari4JJAUpo5 for <apps-discuss@ietfa.amsl.com>; Sun, 7 Jul 2013 17:43:03 -0700 (PDT)
Received: from mauve.mrochek.com (mauve.mrochek.com [66.59.230.40]) by ietfa.amsl.com (Postfix) with ESMTP id 14A2121F9E45 for <apps-discuss@ietf.org>; Sun, 7 Jul 2013 17:43:03 -0700 (PDT)
Received: from dkim-sign.mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01OVQOAJIFW000A469@mauve.mrochek.com> for apps-discuss@ietf.org; Sun, 7 Jul 2013 17:38:00 -0700 (PDT)
MIME-version: 1.0
Content-type: TEXT/PLAIN; CHARSET="iso-8859-1"
Received: from mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01OVLZJ0QSGW000054@mauve.mrochek.com>; Sun, 7 Jul 2013 17:37:57 -0700 (PDT)
Message-id: <01OVQOAI222K000054@mauve.mrochek.com>
Date: Sun, 07 Jul 2013 17:31:44 -0700
From: Ned Freed <ned.freed@mrochek.com>
In-reply-to: "Your message dated Sun, 07 Jul 2013 18:38:42 +0000" <20130707183842.62342.qmail@joyce.lan>
References: <CAL0qLwZaPrXhnCXcMPzE6gcif6akV2iKibvXPrqHREE0hXPFrg@mail.gmail.com> <20130707183842.62342.qmail@joyce.lan>
To: John Levine <johnl@taugh.com>
Cc: apps-discuss@ietf.org
Subject: Re: [apps-discuss] update to rfc5965
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Jul 2013 00:43:08 -0000

> >Has anyone implemented this?

> Zip with a known password is a convention in the very small malware
> research community, but I haven't seen it anywhere else.

And that's where it should stay. Anything that can be used to
transfer malware to someone who knows how to deal with it can also be
used to transfer malware to someone who doesn't know how to deal with it.

I'm sorry, but the notion of standardizing such a thing is nothing short of
crazy.

> Personally, I don't think that kludges to work around defective
> implementations belong in standards.  The problem is that some
> organizations run mail to their abuse mailbox through spam filters.
> To the extent that a standard should address that at all, it should
> say Don't Do That.

Exactly. We keep trying to use standards in these sorts of convoluted ways to
fix problems that can and should be attacked head-on. This is a losing
proposition.

				Ned

v2.23.0 | Report a Bug | By Email