IETF Logo Mail Archive

RE: [apps-discuss] content inspection in absence of media type, was: APPSDIR review of draft-ietf-httpbis-p2-semantics-24

Larry Masinter <masinter@adobe.com> Mon, 04 November 2013 16:12 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6907011E82AE for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 4 Nov 2013 08:12:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.313
X-Spam-Level:
X-Spam-Status: No, score=-8.313 tagged_above=-999 required=5 tests=[AWL=2.286, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E-5Uk05rU3wy for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 4 Nov 2013 08:11:58 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id E6AFA21F9EE9 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Mon, 4 Nov 2013 08:11:36 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1VdMk8-00050K-3S for ietf-http-wg-dist@listhub.w3.org; Mon, 04 Nov 2013 16:11:08 +0000
Resent-Date: Mon, 04 Nov 2013 16:11:08 +0000
Resent-Message-Id: <E1VdMk8-00050K-3S@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <masinter@adobe.com>) id 1VdMjy-0004zW-Q8 for ietf-http-wg@listhub.w3.org; Mon, 04 Nov 2013 16:10:58 +0000
Received: from exprod6og122.obsmtp.com ([64.18.1.238]) by maggie.w3.org with smtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72) (envelope-from <masinter@adobe.com>) id 1VdMjx-0004HF-NQ for ietf-http-wg@w3.org; Mon, 04 Nov 2013 16:10:58 +0000
Received: from outbound-smtp-1.corp.adobe.com ([192.150.11.134]) by exprod6ob122.postini.com ([64.18.5.12]) with SMTP ID DSNKUnfGt+xnDl4VyRhs7L1te7JGwXPdgUog@postini.com; Mon, 04 Nov 2013 08:10:57 PST
Received: from inner-relay-2.corp.adobe.com ([153.32.1.52]) by outbound-smtp-1.corp.adobe.com (8.12.10/8.12.10) with ESMTP id rA4G5ht2016016; Mon, 4 Nov 2013 08:05:43 -0800 (PST)
Received: from nacas03.corp.adobe.com (nacas03.corp.adobe.com [10.8.189.121]) by inner-relay-2.corp.adobe.com (8.12.10/8.12.10) with ESMTP id rA4G9QOU017867; Mon, 4 Nov 2013 08:09:26 -0800 (PST)
Received: from nambxv01a.corp.adobe.com ([10.8.189.95]) by nacas03.corp.adobe.com ([10.8.189.121]) with mapi; Mon, 4 Nov 2013 08:09:26 -0800
From: Larry Masinter <masinter@adobe.com>
To: "Henry S. Thompson" <ht@inf.ed.ac.uk>, Mark Nottingham <mnot@mnot.net>
CC: S Moonesamy <sm+ietf@elandsys.com>, "julian.reschke@gmx.de" <julian.reschke@gmx.de>, "draft-ietf-httpbis-p2-semantics.all@tools.ietf.org" <draft-ietf-httpbis-p2-semantics.all@tools.ietf.org>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>, "apps-discuss@ietf.org" <apps-discuss@ietf.org>, "ietf@ietf.org" <ietf@ietf.org>
Date: Mon, 04 Nov 2013 08:09:24 -0800
Thread-Topic: [apps-discuss] content inspection in absence of media type, was: APPSDIR review of draft-ietf-httpbis-p2-semantics-24
Thread-Index: Ac7ZdRIp7v0v0HGOSIeeV+mqfknXLAAAgKJA
Message-ID: <C68CB012D9182D408CED7B884F441D4D348260C1C0@nambxv01a.corp.adobe.com>
References: <6.2.5.6.2.20131027115007.07e32210@elandnews.com> <526E8B9E.8030006@gmx.de> <6.2.5.6.2.20131029050405.0caf8b40@elandnews.com> <526FC24D.7060704@gmx.de> <6.2.5.6.2.20131030060359.0cb29068@elandnews.com> <B6CADE9A-2472-44B5-96E4-18B571D48CD6@mnot.net> <f5bmwlkgonx.fsf@troutbeck.inf.ed.ac.uk>
In-Reply-To: <f5bmwlkgonx.fsf@troutbeck.inf.ed.ac.uk>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Received-SPF: pass client-ip=64.18.1.238; envelope-from=masinter@adobe.com; helo=exprod6og122.obsmtp.com
X-W3C-Hub-Spam-Status: No, score=-4.5
X-W3C-Hub-Spam-Report: AWL=-2.222, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001
X-W3C-Scan-Sig: maggie.w3.org 1VdMjx-0004HF-NQ 96c005e0186b002b810ebf8fe1ad1b1c
X-Original-To: ietf-http-wg@w3.org
Subject: RE: [apps-discuss] content inspection in absence of media type, was: APPSDIR review of draft-ietf-httpbis-p2-semantics-24
Archived-At: <http://www.w3.org/mid/C68CB012D9182D408CED7B884F441D4D348260C1C0@nambxv01a.corp.adobe.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/20292
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

I'd like to point out that the topic of consistent content inspection was discussed in the websec working group via:
http://tools.ietf.org/html/draft-ietf-websec-mime-sniff-03
which was abandoned in the IETF and taken up by WHATWG in 
http://mimesniff.spec.whatwg.org/.
The "bugs" filed in IETF tracker:
http://trac.tools.ietf.org/wg/websec/trac/query?component=mime-sniff
and discussed at IETF 82 Taipei
http://tools.ietf.org/agenda/82/slides/websec-2.pdf

were subsequently reproduced in the WHATWG tracker

https://www.w3.org/Bugs/Public/show_bug.cgi?id=19746

Ideally, the "magic number" entry in the Media Type registry would be retargeted to give instructions and prioritization for content recognition, especially in cases (such as ftp: and file: access) where there is no channel for content-type transmission.  

Fixing content-type sniffing goes beyond http and should be addressed directly. 

Larry
--
http://larry.masinter.net

v2.23.0 | Report a Bug | By Email