IETF Logo Mail Archive

Re: [Anima] Content-Transfer-Encoding and HTTP 1.x in ANIMA BRSKI

Julian Reschke <julian.reschke@gmx.de> Tue, 18 June 2019 04:49 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 862BD120396 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 17 Jun 2019 21:49:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.9
X-Spam-Level:
X-Spam-Status: No, score=-2.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, MAILING_LIST_MULTI=-1, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gmx.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xz5gsEVWGyBN for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Mon, 17 Jun 2019 21:49:41 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [IPv6:2603:400a:ffff:804:801e:34:0:38]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EA84512004A for <httpbisa-archive-bis2Juki@lists.ietf.org>; Mon, 17 Jun 2019 21:49:40 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.89) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1hd613-0000id-M0 for ietf-http-wg-dist@listhub.w3.org; Tue, 18 Jun 2019 04:46:41 +0000
Resent-Date: Tue, 18 Jun 2019 04:46:41 +0000
Resent-Message-Id: <E1hd613-0000id-M0@frink.w3.org>
Received: from mimas.w3.org ([2603:400a:ffff:804:801e:34:0:4f]) by frink.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from <julian.reschke@gmx.de>) id 1hd610-0000hs-AC for ietf-http-wg@listhub.w3.org; Tue, 18 Jun 2019 04:46:38 +0000
Received: from mout.gmx.net ([212.227.17.21]) by mimas.w3.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.89) (envelope-from <julian.reschke@gmx.de>) id 1hd60y-0005Ok-Nr for ietf-http-wg@w3.org; Tue, 18 Jun 2019 04:46:38 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1560833155; bh=5wQCTDl6KZ1KfhekCwDiSfDuq9ZD4N2mkyB0822XU9g=; h=X-UI-Sender-Class:Subject:To:Cc:References:From:Date:In-Reply-To; b=MKyC9nXUGjKuiEU9Q9W9SB6YR6fuXCkWB3f+LwYlNaAXwqEJntmaeJyvUWv5cAdBK TQwYHDygZ8QzCmUU7aQL1WQoQqsk4dKxaUMsSN2uPDPHK2tumCgJZZh7O83KpwjeIS hYhkO26LSAupMAr+wvdJAPR5RhKWS80QB6+ln124=
X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c
Received: from [192.168.178.124] ([91.61.54.221]) by mail.gmx.com (mrgmx101 [212.227.17.168]) with ESMTPSA (Nemesis) id 0MJXEd-1hbiQa3PRr-0037fg; Tue, 18 Jun 2019 06:45:55 +0200
To: Brian E Carpenter <brian.e.carpenter@gmail.com>, "Panos Kampanakis (pkampana)" <pkampana@cisco.com>, Michael Richardson <mcr+ietf@sandelman.ca>
Cc: Eliot Lear <lear@cisco.com>, "draft-ietf-pkix-est@ietf.org" <draft-ietf-pkix-est@ietf.org>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>, Carsten Bormann <cabo@tzi.org>, Anima WG <anima@ietf.org>
References: <32410.1560275231@localhost> <15839.1560351718@localhost> <8a538f76-787d-de13-97f1-16195daae8ce@gmx.de> <F896BCBC-6C32-4107-B4B5-C12617F81326@tzi.org> <AD4DC1AA-C332-4BC7-B095-0CDD30700B99@cisco.com> <909.1560436148@localhost> <BN7PR11MB25473A12F646FAC8C19C1118C9EF0@BN7PR11MB2547.namprd11.prod.outlook.com> <8921.1560788417@dooku.sandelman.ca> <BN7PR11MB2547DFFF1EC4B7B92D0FC9DDC9EB0@BN7PR11MB2547.namprd11.prod.outlook.com> <f2403f8d-f40b-3112-cd23-cde9ae04a74b@gmail.com>
From: Julian Reschke <julian.reschke@gmx.de>
Message-ID: <9b676fbb-a13f-3c00-dee2-289f529ba5d9@gmx.de>
Date: Tue, 18 Jun 2019 06:45:53 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.7.1
MIME-Version: 1.0
In-Reply-To: <f2403f8d-f40b-3112-cd23-cde9ae04a74b@gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
X-Provags-ID: V03:K1:upEfb1NyuzyXdjoTFh5wLUtFtVhqH4eQzgielYGLy1l0DRB6UhJ lfxIIihldG/xKaMUGr2cYGzlqaWg5Pdkq6Z5ku/LhadvYjFsaAQfuAdQlGibcbr9myHcwlQ hMAObMvF+I1ZSU0TjoMIAvfaF7PvfnDjk2lafj1li0cWuKQP522KMus38YyzPi2ya6uKdXM G3AuFBSlgAVbWVF5+L3mA==
X-UI-Out-Filterresults: notjunk:1;V03:K0:DVnEkpOGPaM=:OEH0fhLomxcpBZvnycIUT4 QM/QoHE/e2Ek5Z4U5g4/9BEBHjTGFV93ADUy1tVjpc55XEXhwiLbmnPv5JnQXpiU9ouIS4P7e qlNQ1UCLjNNkU2rWbJBGEokA+8gZ7LbZIhykxTGaHB+79NLv7bUvfjR7VUchmubBYm4YxLJdX ARun6sIOR8rEG9d1JVKk5tbk563hJ913LsdHURl5kdQRE7LeG5yTweEFrx0d/w2YXf96SsDwu FXrIx6W43IttOqEB4Fz9RMwOXx22zrQ1lMlM+6U4aDPadMEUEtMlO024jNCuh8attv0TAJOse Gyzf4bXBlQJIosE+eUsc8dhRQ2vVYOJXVYt8pD3SW11iTXqybousho+4bpjMNQmPVQdCPRdpG VFbiS+8E6QZiF91zjZL/XuShDADucfscevV/J6OlqGd7pIXmoJXU5lrRp1hhA8CjRmtsiop1L EdldI2hTVsVumb27s7jlqr+48n7dImcTl6BpeN6qR9O1g1JyWKoorSCXkGfqS6oNplgHa1hEY iU00uLOUg5aA9qJmXa5h1pX9jrF0UXVOLfAvQ2ohS714aF8cIBTsN7yTjOHLzToqvFEn4tvjB wEmIiIR3o2gnqnOd//UnwrFvbYBbdKgbQfsKy0uNFphQ8+660RyhIYI3FmwzodxJr6h83Q63f q3xCqn3rUcq1v9ldElpLCtWl8wM1IUx5tZSM6tzWFjPeS+KF0OWPyxGtA/Jt/Icx9FQpVN08q 19nt708e2yyD/uhnrnuW8yYcdqu9NxEr6yUsanKQ9gd4VXqfs2g0D31TXYFyaIVBAf1mhk5G/ H10TVs46l0kjKMB410I3Mg4jrXsHyX1tdcMgojczijT5/vJe94KF0a825z27P4BZFPowb9Jcm WHErRdCg7zL+vuAt2ttMk0Bc2OMNfDNnwQf6J4ZjC5GCULqrgbrLJbDt1fbg3IFfnOBX3RAFJ +MGBhd21D8PnC0yQspZnui7a8RSZWbQ4yGyBbr2am3ZDBVoW59MJl
Received-SPF: pass client-ip=212.227.17.21; envelope-from=julian.reschke@gmx.de; helo=mout.gmx.net
X-W3C-Hub-Spam-Status: No, score=-4.2
X-W3C-Hub-Spam-Report: AWL=2.351, BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_DB=-1, W3C_IRA=-1, W3C_WL=-1
X-W3C-Scan-Sig: mimas.w3.org 1hd60y-0005Ok-Nr ebce282d46b104b484ff8c337fd1d988
X-Original-To: ietf-http-wg@w3.org
Subject: Re: [Anima] Content-Transfer-Encoding and HTTP 1.x in ANIMA BRSKI
Archived-At: <https://www.w3.org/mid/9b676fbb-a13f-3c00-dee2-289f529ba5d9@gmx.de>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/36726
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On 17.06.2019 22:44, Brian E Carpenter wrote:
> On 18-Jun-19 05:18, Panos Kampanakis (pkampana) wrote:
>>> So effectively, the CTE header has effectively been dropped, but the payload is now assumed to be base64, regardless.
>>> This suggests that we can not use the CTE header as a signal.
>
> I went and looked at RFC4648 for my own education, and then spent a few minutes
> trying to design a Turing machine that can distinguish a binary bit string from
> a base64 bit string. Fail. You can determine that a bit string is definitely
> not base64 if it contains at least one character outside the base64 alphabet,
> but not the converse. So it needs a signal. Not having a signal would be wide
> open to malicious misuse, IMHO. Indicating the length of the payload would be
> enough, I think.

I agree that using heuristics should be avoided. But how does
Content-Length help here?

Best regards, Julian

v2.23.0 | Report a Bug | By Email