IETF Logo Mail Archive

Re: [apps-discuss] Comments on Malformed Message BCP draft

Dave Cridland <dave@cridland.net> Fri, 15 April 2011 16:50 UTC

Return-Path: <dave@cridland.net>
X-Original-To: apps-discuss@ietfc.amsl.com
Delivered-To: apps-discuss@ietfc.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfc.amsl.com (Postfix) with ESMTP id EAE9B130043 for <apps-discuss@ietfc.amsl.com>; Fri, 15 Apr 2011 09:50:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([208.66.40.236]) by localhost (ietfc.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yJA3TSKBVink for <apps-discuss@ietfc.amsl.com>; Fri, 15 Apr 2011 09:50:31 -0700 (PDT)
Received: from peirce.dave.cridland.net (peirce.dave.cridland.net [IPv6:2001:470:1f09:882:2e0:81ff:fe29:d16a]) by ietfc.amsl.com (Postfix) with ESMTP id 0667B13001A for <apps-discuss@ietf.org>; Fri, 15 Apr 2011 09:50:31 -0700 (PDT)
Received: from localhost (peirce.dave.cridland.net [127.0.0.1]) by peirce.dave.cridland.net (Postfix) with ESMTP id 35C76116808D; Fri, 15 Apr 2011 17:50:30 +0100 (BST)
X-Virus-Scanned: Debian amavisd-new at peirce.dave.cridland.net
Received: from peirce.dave.cridland.net ([127.0.0.1]) by localhost (peirce.dave.cridland.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6HTo23OV88dq; Fri, 15 Apr 2011 17:50:23 +0100 (BST)
Received: from puncture (puncture.dave.cridland.net [IPv6:2001:470:1f09:882:221:85ff:fe3f:1696]) by peirce.dave.cridland.net (Postfix) with ESMTPA id EC8141168067; Fri, 15 Apr 2011 17:50:22 +0100 (BST)
References: <F5833273385BB34F99288B3648C4F06F1343319E22@EXCH-C2.corp.cloudmark.com> <CEDB17EC-80CE-49B5-91C1-FBCB0449BBA5@network-heretics.com> <4DA8542F.9040003@tana.it> <F5833273385BB34F99288B3648C4F06F1343319E51@EXCH-C2.corp.cloudmark.com>
In-Reply-To: <F5833273385BB34F99288B3648C4F06F1343319E51@EXCH-C2.corp.cloudmark.com>
MIME-Version: 1.0
Message-Id: <3111.1302886222.968467@puncture>
Date: Fri, 15 Apr 2011 17:50:22 +0100
From: Dave Cridland <dave@cridland.net>
To: "Murray S. Kucherawy" <msk@cloudmark.com>, General discussion of application-layer protocols <apps-discuss@ietf.org>, ietf-822 <ietf-822@imc.org>
Content-Type: text/plain; delsp="yes"; charset="us-ascii"; format="flowed"
Subject: Re: [apps-discuss] Comments on Malformed Message BCP draft
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Apr 2011 16:50:38 -0000

On Fri Apr 15 17:44:16 2011, Murray S. Kucherawy wrote:
> The fact that MTAs will do one thing with, for example, malformed  
> MIME and browsers/MUAs do something else is a real problem.

I'd be willing to bet that such differences represent a vector for  
(for example) mail-based trojans.

I agree that in the event that MIME is incorrect, there is strong  
pressure to do *something* with it, and we should try to ensure that  
that something is aligned.

It may be that the discussion suggests rejecting, in which case I  
suggest the document should clearly explain why, and what the  
implications of not doing so are, beyond "it makes some problems  
harder to diagnose".

Dave.
-- 
Dave Cridland - mailto:dave@cridland.net - xmpp:dwd@dave.cridland.net
  - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/
  - http://dave.cridland.net/
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade

v2.23.0 | Report a Bug | By Email