Re: [MORG] Review of draft-ietf-morg-fuzzy-search-02.txt
Alexey Melnikov <alexey.melnikov@isode.com> Fri, 06 August 2010 10:02 UTC
Return-Path: <alexey.melnikov@isode.com>
X-Original-To: morg@core3.amsl.com
Delivered-To: morg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 71B993A6846 for <morg@core3.amsl.com>; Fri, 6 Aug 2010 03:02:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.471
X-Spam-Level:
X-Spam-Status: No, score=-102.471 tagged_above=-999 required=5 tests=[AWL=0.128, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pUjAHrMKMGEJ for <morg@core3.amsl.com>; Fri, 6 Aug 2010 03:02:33 -0700 (PDT)
Received: from rufus.isode.com (rufus.isode.com [62.3.217.251]) by core3.amsl.com (Postfix) with ESMTP id 770153A67FD for <morg@ietf.org>; Fri, 6 Aug 2010 03:02:33 -0700 (PDT)
Received: from [188.28.154.48] (188.28.154.48.threembb.co.uk [188.28.154.48]) by rufus.isode.com (submission channel) via TCP with ESMTPA id <TFvd1ABSpb6W@rufus.isode.com>; Fri, 6 Aug 2010 11:03:02 +0100
Message-ID: <4C5BDDD3.10405@isode.com>
Date: Fri, 06 Aug 2010 12:02:59 +0200
From: Alexey Melnikov <alexey.melnikov@isode.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.21) Gecko/20090303 SeaMonkey/1.1.15
To: barryleiba@computer.org
References: <4C5021F0.5020002@isode.com> <AANLkTik3ayOVth5v5gVowi8ybtj=k99n=evgt7YZQYzw@mail.gmail.com>
In-Reply-To: <AANLkTik3ayOVth5v5gVowi8ybtj=k99n=evgt7YZQYzw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: morg@ietf.org
Subject: Re: [MORG] Review of draft-ietf-morg-fuzzy-search-02.txt
X-BeenThere: morg@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Messaging Organization <morg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/morg>, <mailto:morg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/morg>
List-Post: <mailto:morg@ietf.org>
List-Help: <mailto:morg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/morg>, <mailto:morg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Aug 2010 10:02:34 -0000
Barry Leiba wrote: >> This is not a proper text for this section, as I don't think this is true. >> It would be better to say that this document doesn't add additional security >> considerations not already present in implementations of ESEARCH, SORT, etc. >> > I agree. > >> But maybe we should think harder about this in the case of this document. >> > We did think about it, and we think it's correct that it doesn't add > additional ones. > > Did you have anything specific in mind? > Only some vague thoughts: 1) This might be too implementation specific, but should we point out possible buffer overflows and other nastiness with fuzzy indexing systems that might be used at the backend? 2) It might be worth mentioning that fuzzy search might cause Deny-of-Service attacks on the IMAP server. Implementations of this extension are likely to consume more disk space, memory and/or CPU.
- [MORG] Review of draft-ietf-morg-fuzzy-search-02.… Alexey Melnikov
- Re: [MORG] Review of draft-ietf-morg-fuzzy-search… Barry Leiba
- Re: [MORG] Review of draft-ietf-morg-fuzzy-search… Alexey Melnikov
- Re: [MORG] Review of draft-ietf-morg-fuzzy-search… Timo Sirainen
- Re: [MORG] Review of draft-ietf-morg-fuzzy-search… Barry Leiba
- Re: [MORG] Review of draft-ietf-morg-fuzzy-search… Alexey Melnikov
- Re: [MORG] Review of draft-ietf-morg-fuzzy-search… Timo Sirainen
- Re: [MORG] Review of draft-ietf-morg-fuzzy-search… Alexey Melnikov