W3C home > Mailing lists > Public > ietf-discuss@w3.org > November 2001

Re: TFTP URL

From: Donald E. Eastlake 3rd <dee3@torque.pothole.com>
Date: Sun, 25 Nov 2001 00:42:56 -0500
Message-Id: <200111250542.AAA0000004206@torque.pothole.com>
To: Mark Baker <distobj@acm.org>
cc: discuss@apps.ietf.org

From:  Mark Baker <distobj@acm.org>
Message-Id:  <200111232029.PAA21973@markbaker.ca>
Date:  Fri, 23 Nov 2001 15:29:49 -0500 (EST)
In-Reply-To:  <5.1.0.14.2.20011123075123.031c8eb0@brandenburg.com> from "Dave Crocker" at Nov 23, 2001 08:01:36 AM

>...
>IMO, all URIs should be able to be resolved safely, and therefore TFTP
>shouldn't get its own scheme.

That's absurd. Are there any schemes it is always safe to resolve?
Think a bit about the "mailto:" scheme. Think about the "http:". I'm
sure someone will even implement the "data:" scheme so that it suffers
from buffer overflow although I guess a proper implemention of it
along with a few others like "mid:" and "cid:" could be safe...

If you are going to tell some application level protocol filter to NOT
do TFTP and it takes arguments in URI syntax, how are you going to
express TFTP?

>MB
>-- 
>Mark Baker, Chief Science Officer, Planetfred, Inc.
>Ottawa, Ontario, CANADA.      mbaker@planetfred.com
>http://www.markbaker.ca   http://www.planetfred.com

I understand trying to block creation of brain dead protocols. I find
it absurd to try to block the creation of a name in the increasingly
popular URI name space for an exsting used and deployed standardized
IETF protocol which is already named in other spaces such as port
number and IANA protocol name, even if it is brain dead.

For people worried about somehow "encouraging" TFTP, I'd be fine with
whatever kind of evil status you want, like "NOT RECOMMENDED" or
making the RFC Informational instead of standards track or even
perhaps bizarreness like saying the "tftp:" scheme is reserved because
it is usually used for TFTP as described in the draft but not formally
allocating it to TFTP. But the URI scheme that is being used for the
IETF standarized TFTP protocol should be recongized.

Donald
Received on Sunday, 25 November 2001 00:46:41 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 23 March 2006 20:11:29 GMT