IETF Logo Mail Archive

Re: [imapext] Kathleen Moriarty's No Objection on draft-ietf-imapapnd-appendlimit-extension-08: (with COMMENT)

Barry Leiba <barryleiba@computer.org> Wed, 06 January 2016 03:55 UTC

Return-Path: <barryleiba@gmail.com>
X-Original-To: imapext@ietfa.amsl.com
Delivered-To: imapext@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 056031A9009; Tue, 5 Jan 2016 19:55:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.278
X-Spam-Level:
X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j5Y0gin8HZqZ; Tue, 5 Jan 2016 19:55:01 -0800 (PST)
Received: from mail-ig0-x22b.google.com (mail-ig0-x22b.google.com [IPv6:2607:f8b0:4001:c05::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E80431A900A; Tue, 5 Jan 2016 19:55:00 -0800 (PST)
Received: by mail-ig0-x22b.google.com with SMTP id z14so3388309igp.1; Tue, 05 Jan 2016 19:55:00 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=L7ylqDdYtYkK3tTI8eZZ9ySvHTVrcIErbaIQmjZq1t0=; b=H9mwV4OxR3M4viYc52Y0ZzPO/Da20XW+PpXo6oG3uucZo5vlHXYaXsCpnx7JHz8EBB nFzk/kL4X8QGWqW0tNMk7f3iS+PX2L8GlnoK7DEhthFzt+ib0BBGx8gbf+/gw8Cg4rlp fnufqr6cgixKDU/uAYYNnQ26kBVGoQXkI8mSPIHQhWQ5xq/v0FFF+t5RDIb+ThcBYyov 2A41xGLv3PSdmHmt2tViAQeWAMmOr5yLJpZiIXhIA4V3OuDdCGWCzOvi9mcLFYbNkHiZ MCB5ZQS4oBqBiz6x6WWU2eYM7Ces8zX+Z2ys7AlvfKASfXk9WvFKuV+rsTXRacVrezg6 WBgA==
MIME-Version: 1.0
X-Received: by 10.50.183.11 with SMTP id ei11mr7032845igc.81.1452052500249; Tue, 05 Jan 2016 19:55:00 -0800 (PST)
Sender: barryleiba@gmail.com
Received: by 10.36.117.83 with HTTP; Tue, 5 Jan 2016 19:55:00 -0800 (PST)
In-Reply-To: <20160106012803.29192.54119.idtracker@ietfa.amsl.com>
References: <20160106012803.29192.54119.idtracker@ietfa.amsl.com>
Date: Wed, 06 Jan 2016 11:55:00 +0800
X-Google-Sender-Auth: iBk-DgcWi-gxHm_tHa9rQY3OLmA
Message-ID: <CALaySJLo3o7j2qJNxrLaGKntHhURme=tTy5vCPM9sDR7NU4hVg@mail.gmail.com>
From: Barry Leiba <barryleiba@computer.org>
To: Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/imapext/bB9NdYIe-VAoqNv4a7IJddot3QY>
Cc: draft-ietf-imapapnd-appendlimit-extension@ietf.org, imapapnd-chairs@ietf.org, The IESG <iesg@ietf.org>, "imapext@ietf.org" <imapext@ietf.org>, SM <sm+ietf@elandsys.com>
Subject: Re: [imapext] Kathleen Moriarty's No Objection on draft-ietf-imapapnd-appendlimit-extension-08: (with COMMENT)
X-BeenThere: imapext@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Discussion of IMAP extensions <imapext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/imapext>, <mailto:imapext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/imapext/>
List-Post: <mailto:imapext@ietf.org>
List-Help: <mailto:imapext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/imapext>, <mailto:imapext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Jan 2016 03:55:02 -0000

> First, this extension lets you find out the limit for either the server
> or individual mailboxes, so shouldn't the first part of the description
> focus on a possible DoS filling up those resources?

I don't understand where you're going with this.  This has nothing to
do with a storage limit -- that's handled by the QUOTA extension
that's a separate thing, and any client can already fill up the quota
of the user it's logged in as.

This extension is about limiting the size of a single message, because
servers have such limitations and currently have no way to tell the
client about them.  The only purpose of this extension is to let a
client discover a server's size limit for a single message.

The security considerations need to be about how that knowledge can be
used to breach security.  The answer to that is "it can't, really",
but the one issue we came up with is documented there.

Do you have any specific security considerations to suggest that are
specific to this extension: the ability for a client to discover what
a server's policy limit is on the size of a single message?

> Then, it's a common security programming practice to enforce size
> limitations in code.  Why is there a focus on an attacker sending append
> content that exceeds the allowable size rather than just saying that such
> append content should be rejected?

A server will always have to be able to deal (in code) with messages
greater than the maximum size they allow, because IMAP syntactically
allows them to be transmitted.  The server can only say "NO" to
appending the message after it receives it.  The security
considerations are talking about whether the server might do something
harsher to a client that appears to be abusive -- kicking it off and
disabling the account, for example.

Barry

v2.23.0 | Report a Bug | By Email