[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[draft-freed-sieve-in-xml-02] Escaping "*/" In Structured Comments

To: MTA filtering mailing list <ietf-mta-filters@xxxxxxx>
Subject: [draft-freed-sieve-in-xml-02] Escaping "*/" In Structured Comments
From: Robert Burrell Donkin <robertburrelldonkin@xxxxxxxxx>
Date: Fri, 30 Jan 2009 17:13:12 +0000
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type:content-transfer-encoding; bh=fqi9tekbNSzv27XCrHnbSmp1f14xToAQMYzQBPiSN7w=; b=S95t8dTqCoX5XtKC1IYYKFVpadpIo9qJKvRaPuRBNXCF9qQC/sIV65rbxY11ty1WVG i/zDFrXBsgjspOJANl4GQjYeTFmhjQL8Ruj4WG7n5ZI4LlzZfbEfNL4AlWUA+3phzDhM 3snuN0VHKKPCClR1MGKS6v78wtt/mYoH6Y1cc=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type :content-transfer-encoding; b=M2jIhQ2A7Z0T6MAg3zjfKTNMO41QY9x0tPtvFZq1m7d7cqZJjcowpCGyE+U71kUJph mKoQGExA1gU+6FNby6TB01yB8LzZ4hOZk+YxGPtHiBqzGjoTeBON31gfU8UyLe0759ci +IEzNS8uzwdAP5LlZ6CyAOIfWuvZ7Jw24pzBc=
List-archive: <http://www.imc.org/ietf-mta-filters/mail-archive/>
List-id: <ietf-mta-filters.imc.org>
List-unsubscribe: <mailto:ietf-mta-filters-request@imc.org?body=unsubscribe>
Sender: owner-ietf-mta-filters@xxxxxxxxxxxx

Issue
-----
No discussion is made about the merits of escaping content which will
be transformed into structured comments. For example, the following
fragment might be used to smuggle content into the script:

<displayblock><trouble>*/
if header :contains "from" "enemy@xxxxxxxxxxx" {
     discard;
}
/*</trouble></displayblock>

Proposal
--------
To "4.2. Structured Comments" Add:

 If "*/" is found in the XML content, when mapped into a comment it
 would prematurely terminate that comment. Escaping of this sequence
 would often be inconvenient for processors. Editors SHALL NOT include
 "*/" within displayblock, displaydata or foreign markup. Processors MAY
 regard documents containing "*/" in foreign markup, displayblock
 or displaydata as invalid.

To "5. Security Considerations" Add:

 Little effective protection can be offered by a processor to the user
 of a malicious editor.

Rationale
---------
Only limited protection can be offered to the user by a processor against
a malicious or buggy editor. The effectiveness of that protection should
b weighed against the implementation complexity. Escaping is inconvenient
for processors and introduces complexity for very little security gain.
Editors control the meta-data they wish to insert and it is simpler just
to ensure that this meta-data does not contain "*/".

Follow-Ups:
- Re: [draft-freed-sieve-in-xml-02] Escaping "*/" In Structured Comments
  - From: Ned Freed
- Re: [draft-freed-sieve-in-xml-02] Escaping "*/" In Structured Comments
  - From: Philip Guenther

Prev by Date: [draft-freed-sieve-in-xml-02] Preservation Of Meta-Data During An Editing Session
Next by Date: [draft-freed-sieve-in-xml-02] Emphasis Whitespace Preservation
Previous by thread: [draft-freed-sieve-in-xml-02] Preservation Of Meta-Data During An Editing Session
Next by thread: Re: [draft-freed-sieve-in-xml-02] Escaping "*/" In Structured Comments
Index(es):
- Date
- Thread