IETF Logo Mail Archive

Re: [apps-discuss] content inspection in absence of media type, was: APPSDIR review of draft-ietf-httpbis-p2-semantics-24

Larry Masinter <masinter@adobe.com> Mon, 04 November 2013 16:11 UTC

Return-Path: <masinter@adobe.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 45A3911E82EF; Mon, 4 Nov 2013 08:11:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.291
X-Spam-Level:
X-Spam-Status: No, score=-6.291 tagged_above=-999 required=5 tests=[AWL=0.308, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YnV6S8KevrqO; Mon, 4 Nov 2013 08:11:48 -0800 (PST)
Received: from exprod6og122.obsmtp.com (exprod6og122.obsmtp.com [64.18.1.238]) by ietfa.amsl.com (Postfix) with ESMTP id 8570A11E8221; Mon, 4 Nov 2013 08:10:57 -0800 (PST)
Received: from outbound-smtp-1.corp.adobe.com ([192.150.11.134]) by exprod6ob122.postini.com ([64.18.5.12]) with SMTP ID DSNKUnfGt+xnDl4VyRhs7L1te7JGwXPdgUog@postini.com; Mon, 04 Nov 2013 08:10:57 PST
Received: from inner-relay-2.corp.adobe.com ([153.32.1.52]) by outbound-smtp-1.corp.adobe.com (8.12.10/8.12.10) with ESMTP id rA4G5ht2016016; Mon, 4 Nov 2013 08:05:43 -0800 (PST)
Received: from nacas03.corp.adobe.com (nacas03.corp.adobe.com [10.8.189.121]) by inner-relay-2.corp.adobe.com (8.12.10/8.12.10) with ESMTP id rA4G9QOU017867; Mon, 4 Nov 2013 08:09:26 -0800 (PST)
Received: from nambxv01a.corp.adobe.com ([10.8.189.95]) by nacas03.corp.adobe.com ([10.8.189.121]) with mapi; Mon, 4 Nov 2013 08:09:26 -0800
From: Larry Masinter <masinter@adobe.com>
To: "Henry S. Thompson" <ht@inf.ed.ac.uk>, Mark Nottingham <mnot@mnot.net>
Date: Mon, 04 Nov 2013 08:09:24 -0800
Thread-Topic: [apps-discuss] content inspection in absence of media type, was: APPSDIR review of draft-ietf-httpbis-p2-semantics-24
Thread-Index: Ac7ZdRIp7v0v0HGOSIeeV+mqfknXLAAAgKJA
Message-ID: <C68CB012D9182D408CED7B884F441D4D348260C1C0@nambxv01a.corp.adobe.com>
References: <6.2.5.6.2.20131027115007.07e32210@elandnews.com> <526E8B9E.8030006@gmx.de> <6.2.5.6.2.20131029050405.0caf8b40@elandnews.com> <526FC24D.7060704@gmx.de> <6.2.5.6.2.20131030060359.0cb29068@elandnews.com> <B6CADE9A-2472-44B5-96E4-18B571D48CD6@mnot.net> <f5bmwlkgonx.fsf@troutbeck.inf.ed.ac.uk>
In-Reply-To: <f5bmwlkgonx.fsf@troutbeck.inf.ed.ac.uk>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "ietf@ietf.org" <ietf@ietf.org>, "apps-discuss@ietf.org" <apps-discuss@ietf.org>, "julian.reschke@gmx.de" <julian.reschke@gmx.de>, S Moonesamy <sm+ietf@elandsys.com>, "draft-ietf-httpbis-p2-semantics.all@tools.ietf.org" <draft-ietf-httpbis-p2-semantics.all@tools.ietf.org>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Subject: Re: [apps-discuss] content inspection in absence of media type, was: APPSDIR review of draft-ietf-httpbis-p2-semantics-24
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Nov 2013 16:11:53 -0000

I'd like to point out that the topic of consistent content inspection was discussed in the websec working group via:
http://tools.ietf.org/html/draft-ietf-websec-mime-sniff-03
which was abandoned in the IETF and taken up by WHATWG in 
http://mimesniff.spec.whatwg.org/.
The "bugs" filed in IETF tracker:
http://trac.tools.ietf.org/wg/websec/trac/query?component=mime-sniff
and discussed at IETF 82 Taipei
http://tools.ietf.org/agenda/82/slides/websec-2.pdf

were subsequently reproduced in the WHATWG tracker

https://www.w3.org/Bugs/Public/show_bug.cgi?id=19746

Ideally, the "magic number" entry in the Media Type registry would be retargeted to give instructions and prioritization for content recognition, especially in cases (such as ftp: and file: access) where there is no channel for content-type transmission.  

Fixing content-type sniffing goes beyond http and should be addressed directly. 

Larry
--
http://larry.masinter.net

v2.23.0 | Report a Bug | By Email