[media-types] Draft 3 Re: Internet media type application/tar; request review
Sean Leonard <dev+ietf@seantek.com> Wed, 24 September 2014 22:53 UTC
Return-Path: <dev+ietf@seantek.com>
X-Original-To: media-types@ietfa.amsl.com
Delivered-To: media-types@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 89D9E1A1AD8 for <media-types@ietfa.amsl.com>; Wed, 24 Sep 2014 15:53:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xRVRem1F2RbI for <media-types@ietfa.amsl.com>; Wed, 24 Sep 2014 15:53:31 -0700 (PDT)
Received: from pechora4.lax.icann.org (pechora4.icann.org [IPv6:2620:0:2d0:201::1:74]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4182C1A1AD6 for <media-types@ietf.org>; Wed, 24 Sep 2014 15:53:31 -0700 (PDT)
Received: from mxout-08.mxes.net (mxout-08.mxes.net [216.86.168.183]) by pechora4.lax.icann.org (8.13.8/8.13.8) with ESMTP id s8OMrAuA005114 for <media-types@iana.org>; Wed, 24 Sep 2014 22:53:30 GMT
Received: from [192.168.123.7] (unknown [23.240.242.6]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by smtp.mxes.net (Postfix) with ESMTPSA id EA372509B6; Wed, 24 Sep 2014 18:53:09 -0400 (EDT)
Message-ID: <54234B42.8050400@seantek.com>
Date: Wed, 24 Sep 2014 15:52:50 -0700
From: Sean Leonard <dev+ietf@seantek.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.1.1
MIME-Version: 1.0
To: media-types@iana.org
References: <541C7482.8040308@seantek.com> <541D0FD0.40700@it.aoyama.ac.jp> <541F8B4B.4090001@seantek.com> <20140921224820.23220df5.liam@w3.org> <20140922133430.GH28944@w3.org>
In-Reply-To: <20140922133430.GH28944@w3.org>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by milter-greylist-4.0 (pechora4.lax.icann.org [192.0.33.74]); Wed, 24 Sep 2014 22:53:31 +0000 (UTC)
Archived-At: http://mailarchive.ietf.org/arch/msg/media-types/IAE0Az8Uez2d4U-gtdaE1DXYAko
Cc: ogdirector-platform@opengroup.org
Subject: [media-types] Draft 3 Re: Internet media type application/tar; request review
X-BeenThere: media-types@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IANA mailing list for reviewing Media Type \(MIME Type, Content Type\) registration requests." <media-types.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/media-types>, <mailto:media-types-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/media-types/>
List-Post: <mailto:media-types@ietf.org>
List-Help: <mailto:media-types-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/media-types>, <mailto:media-types-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Sep 2014 22:53:33 -0000
Draft 3: Registration Template [DRAFT] Type name: application Subtype name: tar Required parameters: None. Optional parameters: None. Encoding considerations: binary Security considerations: TAR (Tape ARchive), as an archive format, can contain arbitrary files of arbitrary types, including files that are not considered "regular files" (e.g., symbolic links, directories). Some of these files may be executable or contain executable data, including scripts, that could compromise the security of a computer. Additionally, some files may contain directives such as URIs that, when accessed, can compromise privacy. As POSIX file system information can be recorded in this format, user and group permissions, dates, and the like can also be overwritten when the data is extracted. Extracting a tar file runs the possibility of overwriting system files, and device nodes might be included that could be written to by later resources in the same archive. If extracted into an existing directory instead of a designated new directory, the contents can appear to "explode" and make locating existing files difficult (such an archive is known as a "tarbomb"). Furthermore, when encoding data in this format, personal data such as user and group permissions from a source computer system can be surreptitiously included in the format as a method of exfiltrating that data. The format permits extensions ("pax extensions")--these extensions may have their own security risks. Interoperability considerations: TAR is a widely-recognized archive format on all modern computer systems, especially those relating to UNIX and the POSIX standards. The format has undergone several iterations; the main current variations are "pax" and "ustar", which are compatible with each other. Published specification: POSIX.1-2008, IEEE Std 1003.1-2008 (2013 Edition), IEEE Standard for Information Technology - Portable Operating System Interface (POSIX)" Shell and Utilities - pax - EXTENDED DESCRIPTION - pax Interchange Format, ustar Interchange Format http://pubs.opengroup.org/onlinepubs/9699919799/utilities/pax.html Applications that use this media type: pax is the POSIX utility. Most UNIX-compatible implementations also include a utility called tar. Most software archiving programs of any notoriety process this format; implementations are too numerous to list. Fragment identifier considerations: N/A Additional information: Deprecated alias names for this type: N/A Magic number(s): hex: 75 73 74 61 72 00 30 30, aka US-ASCII: u s t a r NUL 0 0, at octet 257 File extension(s): tar Macintosh file type code(s): N/A Person & email address to contact for further information: Sean Leonard <dev+ietf@seantek.com> Andrew Josey <ogdirector-platform@opengroup.org> Intended usage: COMMON Restrictions on usage: None. Author: The Austin Common Standards Revision Group (CSRG) The Institute of Electrical and Electronics Engineers (IEEE) The Open Group Change controller: CSRG <ogdirector-platform@opengroup.org> Provisional registration? (standards tree only): No
- [media-types] Internet media type application/tar… Sean Leonard
- Re: [media-types] Internet media type application… Liam R E Quin
- Re: [media-types] Internet media type application… Sean Leonard
- Re: [media-types] Internet media type application… Henrik Andersson
- Re: [media-types] Internet media type application… Stian Soiland-Reyes
- Re: [media-types] Internet media type application… Henrik Andersson
- Re: [media-types] Internet media type application… Paul Libbrecht
- Re: [media-types] Internet media type application… Eric Prud'hommeaux
- [media-types] registering content encodings Chris Lilley
- Re: [media-types] registering content encodings Henrik Andersson
- Re: [media-types] registering content encodings Roni Even
- Re: [media-types] registering content encodings Julian Reschke
- Re: [media-types] Internet media type application… Stian Soiland-Reyes
- [media-types] Draft 3 Re: Internet media type app… Sean Leonard