Re: [websec] I-D Action:draft-ietf-websec-mime-sniff-03.txt
"Martin J. Dürst" <duerst@it.aoyama.ac.jp> Sat, 01 October 2011 05:11 UTC
Return-Path: <duerst@it.aoyama.ac.jp>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C43321F8B42 for <websec@ietfa.amsl.com>; Fri, 30 Sep 2011 22:11:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -99.755
X-Spam-Level:
X-Spam-Status: No, score=-99.755 tagged_above=-999 required=5 tests=[AWL=0.035, BAYES_00=-2.599, HELO_EQ_JP=1.244, HOST_EQ_JP=1.265, MIME_8BIT_HEADER=0.3, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IrRjPgUi4Fv5 for <websec@ietfa.amsl.com>; Fri, 30 Sep 2011 22:11:45 -0700 (PDT)
Received: from scintmta02.scbb.aoyama.ac.jp (scintmta02.scbb.aoyama.ac.jp [133.2.253.34]) by ietfa.amsl.com (Postfix) with ESMTP id 5FF9C21F8B3E for <websec@ietf.org>; Fri, 30 Sep 2011 22:11:44 -0700 (PDT)
Received: from scmse02.scbb.aoyama.ac.jp ([133.2.253.231]) by scintmta02.scbb.aoyama.ac.jp (secret/secret) with SMTP id p915EUTJ022029 for <websec@ietf.org>; Sat, 1 Oct 2011 14:14:34 +0900
Received: from (unknown [133.2.206.133]) by scmse02.scbb.aoyama.ac.jp with smtp id 7e17_185a_3dd3481e_ebec_11e0_b640_001d096c5782; Sat, 01 Oct 2011 14:14:30 +0900
Received: from [IPv6:::1] ([133.2.210.1]:43659) by itmail.it.aoyama.ac.jp with [XMail 1.22 ESMTP Server] id <S15571C5> for <websec@ietf.org> from <duerst@it.aoyama.ac.jp>; Sat, 1 Oct 2011 14:14:31 +0900
Message-ID: <4E86A1B0.3090601@it.aoyama.ac.jp>
Date: Sat, 01 Oct 2011 14:14:24 +0900
From: "\"Martin J. Dürst\"" <duerst@it.aoyama.ac.jp>
Organization: Aoyama Gakuin University
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.9) Gecko/20100722 Eudora/3.0.4
MIME-Version: 1.0
To: Adam Barth <ietf@adambarth.com>
References: <20110508004502.3883.40670.idtracker@ietfa.amsl.com> <4E7DB8E4.9040208@gmx.de> <4E83AA99.6080308@gondrom.org> <CAJE5ia_k3vXWixC6UsJ6mJ08xW8NQO06MVVD9-dzYSOFkDfutg@mail.gmail.com> <4E83BF67.3040207@it.aoyama.ac.jp> <CAJE5ia_b8W0DMZnCmXWYTHwQ-WGpm-Jg+Lozd7UWJPKj6zVqww@mail.gmail.com>
In-Reply-To: <CAJE5ia_b8W0DMZnCmXWYTHwQ-WGpm-Jg+Lozd7UWJPKj6zVqww@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Cc: websec@ietf.org
Subject: Re: [websec] I-D Action:draft-ietf-websec-mime-sniff-03.txt
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 01 Oct 2011 05:11:46 -0000
Hello Adam, On 2011/09/29 11:45, Adam Barth wrote: > On Wed, Sep 28, 2011 at 5:44 PM, "Martin J. Dürst" > <duerst@it.aoyama.ac.jp> wrote: >> On 2011/09/29 8:26, Adam Barth wrote: >>> >>> As I recall, the nosniff directive is pretty controversial. >> >> But then, as I recall, the whole business of sniffing is pretty >> controversial to start with. Are there differences between the >> controversiality of sniffing as such and the controversiality of the nosniff >> directive that explain why one is in the draft and the other is not? > > The reason why one is in and the other isn't is just historical. > nosniff didn't exist at the time the document was originally written. Your first answer sounded as if the nosniff directive was too controversial to be included in any draft, but your second answer seems to suggest that it was left out by (historical) accident, and that it might be worth to include it. Regards, Martin.
- [websec] I-D Action:draft-ietf-websec-mime-sniff-… Internet-Drafts
- Re: [websec] I-D Action:draft-ietf-websec-mime-sn… Julian Reschke
- Re: [websec] I-D Action:draft-ietf-websec-mime-sn… Alexey Melnikov
- Re: [websec] I-D Action:draft-ietf-websec-mime-sn… Tobias Gondrom
- Re: [websec] I-D Action:draft-ietf-websec-mime-sn… Adam Barth
- Re: [websec] I-D Action:draft-ietf-websec-mime-sn… Tobias Gondrom
- Re: [websec] I-D Action:draft-ietf-websec-mime-sn… Adam Barth
- Re: [websec] I-D Action:draft-ietf-websec-mime-sn… Martin J. Dürst
- Re: [websec] I-D Action:draft-ietf-websec-mime-sn… Adam Barth
- Re: [websec] I-D Action:draft-ietf-websec-mime-sn… Martin J. Dürst
- Re: [websec] I-D Action:draft-ietf-websec-mime-sn… Adam Barth
- Re: [websec] I-D Action:draft-ietf-websec-mime-sn… Phillip Hallam-Baker
- Re: [websec] I-D Action:draft-ietf-websec-mime-sn… Tobias Gondrom
- Re: [websec] I-D Action:draft-ietf-websec-mime-sn… Bjoern Hoehrmann