Re: [Ecrit] Re: [Geopriv] RFC 3205 & HELD
Lisa Dusseault <lisa@osafoundation.org> Thu, 08 November 2007 19:52 UTC
Return-path: <geopriv-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IqDQV-0003qv-Dz; Thu, 08 Nov 2007 14:52:31 -0500
Received: from geopriv by megatron.ietf.org with local (Exim 4.43) id 1IqDQU-0003qq-Ej for geopriv-confirm+ok@megatron.ietf.org; Thu, 08 Nov 2007 14:52:30 -0500
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IqDQU-0003qi-1N for geopriv@ietf.org; Thu, 08 Nov 2007 14:52:30 -0500
Received: from laweleka.osafoundation.org ([204.152.186.98]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1IqDQT-00034P-7o for geopriv@ietf.org; Thu, 08 Nov 2007 14:52:29 -0500
Received: from localhost (laweleka.osafoundation.org [127.0.0.1]) by laweleka.osafoundation.org (Postfix) with ESMTP id 4681514220D; Thu, 8 Nov 2007 11:52:28 -0800 (PST)
X-Virus-Scanned: by amavisd-new and clamav at osafoundation.org
Received: from laweleka.osafoundation.org ([127.0.0.1]) by localhost (laweleka.osafoundation.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Mqruvs8BofHh; Thu, 8 Nov 2007 11:52:19 -0800 (PST)
Received: from [10.1.1.107] (unknown [157.22.41.236]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by laweleka.osafoundation.org (Postfix) with ESMTP id 83230142210; Thu, 8 Nov 2007 11:52:19 -0800 (PST)
In-Reply-To: <472DF1C5.4060808@gmx.net>
References: <4724626A.3030806@gmx.net> <47249A6E.5080808@bbn.com> <47249B43.9050204@gmx.net> <833469F6-60AB-4EA9-A038-AEAA0F992382@cisco.com> <472DF1C5.4060808@gmx.net>
Mime-Version: 1.0 (Apple Message framework v752.3)
Content-Type: text/plain; charset="US-ASCII"; delsp="yes"; format="flowed"
Message-Id: <46A1292D-7C8E-4059-8521-8F111E33BCFF@osafoundation.org>
Content-Transfer-Encoding: 7bit
From: Lisa Dusseault <lisa@osafoundation.org>
Subject: Re: [Ecrit] Re: [Geopriv] RFC 3205 & HELD
Date: Thu, 08 Nov 2007 11:52:16 -0800
To: Hannes Tschofenig <Hannes.Tschofenig@gmx.net>
X-Mailer: Apple Mail (2.752.3)
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 68ba2b07ef271dba6ee42a93832cfa4c
Cc: GEOPRIV <geopriv@ietf.org>
X-BeenThere: geopriv@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Geographic Location/Privacy <geopriv.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/geopriv>, <mailto:geopriv-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:geopriv@ietf.org>
List-Help: <mailto:geopriv-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/geopriv>, <mailto:geopriv-request@ietf.org?subject=subscribe>
Errors-To: geopriv-bounces@ietf.org
BCP 56 gets a worse rap than it deserves. It's quite right that with great power (the flexibility in HTTP) comes great danger. We don't always define new ports and schemes for new applications transported over HTTP, but that's because convenience is trumping security caution in most of those cases. The danger of arbitrary URLs and HTTP URLs in particular came up recently in SIEVE notifications, a case which I'll explain has some relevance for Geopriv scenarios. In the SIEVE notification framework, an email can trigger a notification over some other protocol. It would be useful if the notification had a link to the email that triggered it. Then the client can jump straight from the notification to the important email. Naturally, this will be a URL in the notification body or headers. But what kind of URL? It should not be a "mailto:" or "tel:" style URL because there's nothing sensible the client can do with that. It should not be allowed to be a "data:" URL that contains the whole email, some script instructions, or arbitrary other crap which might even be dangerous if it were used too trustingly. It should of course be allowed to be an IMAP or POP URL (in fact, we should recommend to clients that support these notifications that they be able to handle IMAP or POP URLs). But what about HTTP or Web mail? Can these notifications contain HTTP URLs which may be direct pointers to the triggering email? Since Web mail systems are so common of course this would be useful. Unfortunately, it's potentially one of the most dangerous kinds of URLs we commonly see. Clicking on an HTTP URL can lead to 404 Not Found; even though "cool URLs don't change", many do in practice. It can be useless because although it retrieves a resource, that resource is a MIME type like PDF or PNG that the client doesn't know what to do with. It can lead to a fancy HTML page with frames and scripts and logos and buttons: again, a rich client doesn't know what to do with this so it gets handed off to a fully capable browser. Hello phishing platform -- a handy way for a phisher to draw a user neatly through a familiar process in which they provide their email password to an attacker. Since Geopriv is also contemplating HTTP URLs, this will be a similar issue. Perhaps Geopriv can do a little better because the resource to be found at a location URL has a better defined content type than non-standardized Web mail does. In general: - Fields that can contain arbitrary URLs are bad for interoperability - Fields that can contain HTTP URLs without clear expectations on what kind of resource must be at the URL, can also be bad for interoperability - These can both be bad for security and privacy Lisa On Nov 4, 2007, at 8:22 AM, Hannes Tschofenig wrote: > Yep; I think so too. > > I personally think it is much simpler not to change port numbers > even for non-Web browsing applications. > However, I got the impression that these issues might come up > during IETF Last Call / IESG processing given that there is this > BCP document that talks about this subject. > > Ciao > Hannes > > > Cullen Jennings wrote: >> >> This was one of the topics where I think Lisa as a technical >> advisor for the group can come in very helpful. >> >> On Oct 28, 2007, at 7:22 AM, Hannes Tschofenig wrote: >> >>> RFC 3205 essentially says: If you use HTTP for things other than >>> webbrowsing then you should register a new URI scheme and use a >>> different port number. >>> >>> I was wondering what people think about that idea. >>> >>> >>> Richard Barnes wrote: >>>> It's also worth noting that RFC 3205 is just a set of >>>> recommendations, not anything binding. Since the document >>>> doesn't make a general requirement for ALL http-based protocols >>>> to have a different URI scheme and port number, was there >>>> something in particular about HELD that led you to those >>>> requirements? >>>> >>>> We should probably have this same debate about LoST, although it >>>> may be mostly subsumed by previous discussions. (Cross-posted >>>> to ECRIT) >>>> >>>> --RB >>>> >>>> >>>> >>>> >>>> Hannes Tschofenig wrote: >>>>> I have read RFC 3205 and my impression is that for HELD we have to >>>>> * define a new URI scheme, and >>>>> * use a different port number. >>>>> >>>>> Thoughts? >>>>> >>>>> Ciao >>>>> Hannes >>>>> >>>>> PS: What is the value of WSDL in the HELD specification? >>>>> >>>>> >>>>> >>>>> _______________________________________________ >>>>> Geopriv mailing list >>>>> Geopriv@ietf.org >>>>> https://www1.ietf.org/mailman/listinfo/geopriv >>>>> >>> >>> >>> _______________________________________________ >>> Ecrit mailing list >>> Ecrit@ietf.org >>> https://www1.ietf.org/mailman/listinfo/ecrit > > > > _______________________________________________ > Geopriv mailing list > Geopriv@ietf.org > https://www1.ietf.org/mailman/listinfo/geopriv _______________________________________________ Geopriv mailing list Geopriv@ietf.org https://www1.ietf.org/mailman/listinfo/geopriv
- [Geopriv] RFC 3205 & HELD Hannes Tschofenig
- Re: [Geopriv] RFC 3205 & HELD Richard Barnes
- Re: [Geopriv] RFC 3205 & HELD Hannes Tschofenig
- RE: [Ecrit] Re: [Geopriv] RFC 3205 & HELD Thomson, Martin
- Re: [Ecrit] Re: [Geopriv] RFC 3205 & HELD Cullen Jennings
- Re: [Ecrit] Re: [Geopriv] RFC 3205 & HELD Hannes Tschofenig
- Re: [Ecrit] Re: [Geopriv] RFC 3205 & HELD Lisa Dusseault
- Re: [Geopriv] RFC 3205 & HELD Lisa Dusseault
- RE: [Geopriv] RFC 3205 & HELD Mary Barnes