- From: Dave Kristol <dmk@research.bell-labs.com>
- Date: Fri, 20 Feb 98 10:12:45 EST
- To: http-wg@cuckoo.hpl.hp.com
I was confused by a number of things. 1) What exactly is the threat? 2) I disagree that POST by itself defines an action. It's really POST + the host connected to + the URL accessed. 3) The Introduction points to the problem as being the Internet Printing Protocol's binary payload. Doesn't the same problem already occur with file upload? 4) Which direction poses the threat? Does the threat to security (to an enterprise) derive from passing from the enterprise, out through a PFB, to the outside world? Or is there a threat from, in some fashion, passing from the outside world, through a PFB, into an enterprise server? 5) Suppose we add a new method to HTTP for the IPP. Do we also have to add a new method to HTTP for each such application, with each method having tightly constrained semantics? 6) I think the "cat is out of the bag" on POST. Assume new, application-specific methods. Should a restrictive administrator ban POST and insist that all applications migrate to new POST-like methods with exposed semantics? 7) Isn't IPP a "red herring"? What restrictive administrator can configure to "deny all, selectively allow" even now, given the huge range of forms that users inside the enterprise may wish to use. 8) It seems to me that the paper presumes a particular firewall architecture and then describes how protocols should be designed to accommodate it. That seems folly in the absence of a standard to which PFBs are designed. Dave Kristol
Received on Friday, 20 February 1998 07:17:09 UTC