Re: Link-local IPv6 addresses in URIs
Brian E Carpenter <brian.e.carpenter@gmail.com> Mon, 14 November 2011 09:41 UTC
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0EEB721F8DC8 for <ipv6@ietfa.amsl.com>; Mon, 14 Nov 2011 01:41:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.268
X-Spam-Level:
X-Spam-Status: No, score=-103.268 tagged_above=-999 required=5 tests=[AWL=-0.268, BAYES_00=-2.599, J_CHICKENPOX_37=0.6, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v5mcp+vCggST for <ipv6@ietfa.amsl.com>; Mon, 14 Nov 2011 01:40:57 -0800 (PST)
Received: from mail-yw0-f44.google.com (mail-yw0-f44.google.com [209.85.213.44]) by ietfa.amsl.com (Postfix) with ESMTP id 56EB021F8F3F for <ipv6@ietf.org>; Mon, 14 Nov 2011 01:40:27 -0800 (PST)
Received: by ywt34 with SMTP id 34so4510062ywt.31 for <ipv6@ietf.org>; Mon, 14 Nov 2011 01:40:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=message-id:date:from:organization:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=gzLLpqvEVKha5yc4I8hBCYE0Mus6HYCbRUVJ9Jjc9VI=; b=qVzElKAWa7+fIVXiH/2oyUIHXrP2dfzCaKBnKw0Gc7uJxMFLYLpnFCMKa6KwR4qaA9 v2+u/ESXk3lsdf3tyCbWK5ZDqwDLjKDNZGA9PtgVbuFCfWuecuHP5nWnykel9gHhfr+T Ly/YjanjO7++MoX9rvYKoKmLqgHd7fUns40eg=
Received: by 10.236.175.72 with SMTP id y48mr13287270yhl.17.1321263626388; Mon, 14 Nov 2011 01:40:26 -0800 (PST)
Received: from [130.129.19.92] (dhcp-135c.meeting.ietf.org. [130.129.19.92]) by mx.google.com with ESMTPS id l19sm59708466anc.14.2011.11.14.01.40.23 (version=SSLv3 cipher=OTHER); Mon, 14 Nov 2011 01:40:25 -0800 (PST)
Message-ID: <4EC0E1FD.6050107@gmail.com>
Date: Mon, 14 Nov 2011 22:40:13 +1300
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Kerry Lynn <kerlyn2001@gmail.com>
Subject: Re: Link-local IPv6 addresses in URIs
References: <CABOxzu0np9tCJgurrL6zCc1CpHd6KbrUdwnL5UocE6TM8a_G2w@mail.gmail.com>
In-Reply-To: <CABOxzu0np9tCJgurrL6zCc1CpHd6KbrUdwnL5UocE6TM8a_G2w@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Cc: 6man <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Nov 2011 09:41:24 -0000
Kerry, On 2011-11-14 18:41, Kerry Lynn wrote: > Greetings, > > I've noticed that a "bug" has re-appeared in Firefox: > https://bugzilla.mozilla.org/show_bug.cgi?id=700999 > > In older versions of Firefox (e.g. 3.6.23) it is possible to enter URIs of > the form http://[fe80::206:98ff:fe00:232%tap0] in the > location bar and get a positive result. This capability is quite handy in > simple testing scenarios and obviously requires the client and server > to be on a common link (so I don't necessarily see how it creates a > security risk.) > > According to a note attached to the bug, the regression occurred as a > result of fixing a security bug: > https://bugzilla.mozilla.org/show_bug.cgi?id=<https://bugzilla.mozilla.org/show_bug.cgi?id=700999> > 504014 <https://bugzilla.mozilla.org/show_bug.cgi?id=504014> > I don't seem to have access to that bug, so I don't know the complete > rationale. However, the note on 700999 says the title is "Enforce RFC > 3986 syntax for IPv6 literals". It goes on to say that RFC 3986 > "disallows" interface specifiers (a.k.a. zone indices: > http://en.wikipedia.org/wiki/IPv6_address#Link-local_addresses_and_zone_indices > ). > > I don't see how a link-local address can be used in this context w/o > using a zone index. As soon as there's more than one interface, there is an issue. > Granted, RFC 3986 doesn't cover this case but > it also doesn't prohibit it. Yes it does, because the ABNF for IPv6address is for an address, not a scoped address. A scoped address would not conform to the ABNF, so that amounts to a prohibition. > This leads me to suspect it was an oversight, This part of RFC 3986 derives from RFC 2732 (which had broken ABNF, and didn't allow for a scoped address, because they didn't exist then). > so I'm wondering if RFC 3986 needs to be updated to cover it link- > local IPv6 literals? If so, is there a reference that could be used to > derive the necessary ABNF? I don't believe so. The ABNF has never been extended to cover RFC 4007 as far as I know. Getting RFC 3986 updated would be reasonably complicated I suspect. It involves a chat with the W3C people for a start. Brian
- Link-local IPv6 addresses in URIs Kerry Lynn
- Re: Link-local IPv6 addresses in URIs Brian E Carpenter
- Re: Link-local IPv6 addresses in URIs Brian E Carpenter
- Re: Link-local IPv6 addresses in URIs Carsten Bormann
- Re: Link-local IPv6 addresses in URIs Kerry Lynn
- Re: Link-local IPv6 addresses in URIs Brian Haberman
- RE: Link-local IPv6 addresses in URIs Manfredi, Albert E
- Re: Link-local IPv6 addresses in URIs Tomoyuki Sahara
- Re: Link-local IPv6 addresses in URIs Kerry Lynn
- Re: Link-local IPv6 addresses in URIs Brian Haberman
- Re: Link-local IPv6 addresses in URIs François-Xavier Le Bail
- Re: Link-local IPv6 addresses in URIs François-Xavier Le Bail
- Re: Link-local IPv6 addresses in URIs Brian E Carpenter
- Link-local IPv6 addresses in the DNS Mark Andrews
- Re: Link-local IPv6 addresses in the DNS Philip Homburg
- Re: Link-local IPv6 addresses in the DNS Brian E Carpenter
- Re: Link-local IPv6 addresses in URIs Brian E Carpenter
- Re: Link-local IPv6 addresses in the DNS Brian E Carpenter
- Re: Link-local IPv6 addresses in the DNS Brian E Carpenter
- Re: Link-local IPv6 addresses in the DNS Mark Andrews
- RE: Link-local IPv6 addresses in the DNS Christian Huitema
- Re: Link-local IPv6 addresses in the DNS Kerry Lynn
- Re: Link-local IPv6 addresses in the DNS Kerry Lynn
- Re: Link-local IPv6 addresses in the DNS Philip Homburg
- Re: Link-local IPv6 addresses in URIs François-Xavier Le Bail