Re: Resend: HTTP Performance extension for NAV(network-based anti-virus) systems from Adrien de Croy on 2007-08-03 (ietf-http-wg@w3.org from July to September 2007)

From: Adrien de Croy <adrien@qbik.com>
Date: Fri, 03 Aug 2007 13:11:52 +1200
To: babun@intoto.com
CC: ietf-http-wg@w3.org
Message-ID: <46B280D8.1050802@qbik.com>

Hi

A few months back I submitted an I-D which contained proposals for 
progress notifications.

the reason I raise that, is because it considers the same scenarios as 
your draft, i.e. it was specifically conceived to deal with issues 
around gateway scanning.

There is a problem with the approach taken by your I-D.

It is concerned around the issue of event sending any of the resource to 
the client prior to it having been verified as safe.

Trying to get the client to ignore the file after it has downloaded a 
whole heap of it isn't safe.  The file may have in fact been padded out 
to avert such techniques, so an entire workable image may have been 
already received by the client, which would run if executed.

There's not really any amount of an unscanned resource that can be 
guaranteed to be safe to send (well maybe just a few bytes).

This is why we're trying to deprecate "drip-feeding" in WinGate, since 
it's fundamentally a flawed concept, albeit necessary to appease the 
users of browsers.

I just submitted a revised draft which I'll also post here, which just 
focuses on using interim response messages to report progress.

Cheers

Adrien

babun@intoto.com wrote:
> Hi,
>
> I have submitted a draft on "HTTP Performance extension for NAV
> (network-based anti-virus) systems":
> http://www.ietf.org/internet-drafts/draft-babu-navmime-00.txt
>
> This draft attempts to also solve issues in reporting download progress
> and avoiding client connection timeout in presence of network-based
> anti-virus/anti-spam proxies.
>
> Like to hear feedback on this.
>
>
> Thanks,
> Babu
>
> PS: Appologies for resending this. Forgot to indicate the subject in my
> last email, hence re-sending.
>
>
>
> ********************************************************************************
> This email message (including any attachments) is for the sole use of the intended recipient(s) 
> and may contain confidential, proprietary and privileged information. Any unauthorized review, 
> use, disclosure or distribution is prohibited. If you are not the intended recipient, 
> please immediately notify the sender by reply email and destroy all copies of the original message. 
> Thank you.
>  
> Intoto Inc. 
>
>
>   

-- 
Adrien de Croy - WinGate Proxy Server - http://www.wingate.com

Received on Friday, 3 August 2007 01:11:35 UTC