Re: Start parameter in MIFFY/MTOM from Jacek Kopecky on 2004-01-16 (xml-dist-app@w3.org from January 2004)

From: Jacek Kopecky <jacek.kopecky@systinet.com>
Date: Fri, 16 Jan 2004 15:46:58 +0100
To: Jean-Jacques Moreau <jean-jacques.moreau@crf.canon.fr>
Cc: XMLP Dist App <xml-dist-app@w3.org>
Message-Id: <1074264418.20565.199.camel@localhost>

Jean-Jacques,

so your implementation will first blindly accept and buffer an
attachment, then read the rest of the message and do all the necessary
SOAP processing (mU checks etc.) and then it will process the body,
using the pre-buffered attachment? So if I understand correctly, you
stream-in the SOAP Body (with a print job, I presume) and just start
printing using the image. But isn't this amenable to denial-of-service
attacks?

Maybe your implementation has some limit on the size of the background
image and can afford to waste that space if the SOAP processing fails
(and it faults if the pre-SOAP part is too big). Am I right?

OK, I can see the usecase and how it might be implemented, but we must
spell it out quite clearly, if we in fact allow the SOAP part not to be
the first in the MIME package.

Best regards,

                   Jacek Kopecky

                   Systinet Corporation
                   http://www.systinet.com/

On Fri, 2004-01-16 at 15:32, Jean-Jacques Moreau wrote:
> Jacek,
> 
> We do have a usecase where we have a background image to print on each 
> page, and we want that image to appear first in the serialization.
> 
> Jean-Jacques.
> 
> Jacek Kopecky wrote:
> > Herve,
> > 
> > I wonder what are the usecases for putting the root part elsewhere than
> > the first part (necessitating the use of the start parameter). After
> > all, we expect that the SOAP part is relatively small and that is the
> > part that contains the instruction on what to do with the incoming
> > message (including the attachments, of course).
> > 
> > I can't imagine (at the moment) an application that would blindly accept
> > a potentially large attachment before receiving the part that requires
> > mustUnderstand checks, for example. It looks like a very good target of
> > denial-of-service attacks.
> > 
> > Best regards,
> > 
> >                    Jacek Kopecky
> > 
> >                    Systinet Corporation
> >                    http://www.systinet.com/
> > 
> > 
> > 
> > 
> > 
> > 
> > On Wed, 2004-01-14 at 13:03, Herve Ruellan wrote:
> > 
> >>Dear all,
> >>
> >>I would like to make sure that all MIFFY or MTOM implementations 
> >>supporting Multipart/Related packages have to support the "Start" parameter.
> >> From reading between the lines of the last MIFFY spec [1], I think this 
> >>is the case, but I would prefer if it was explicitely said in section 2.1.
> >>
> >>Best regards,
> >>
> >>Hervé.
> >>
> >>[1] http://lists.w3.org/Archives/Public/xml-dist-app/2004Jan/0023.html.
> >>
> > 
> > 
>

Received on Friday, 16 January 2004 09:47:18 UTC