[Top] [All Lists]

Re: AD review of draft-ietf-sieve-3028bis-12

2007-03-30 14:52:44

On Fri, Mar 30, 2007 at 10:15:39PM +0100, Alexey Melnikov wrote:

Section 10

 Implementations SHOULD take measures to prevent scripts from looping.

Q: Isn't this trivially true because Sieve scripts have no loop 
command? Perhaps you meant to say "creating mail loops" instead of 

Actually, there is separate text about mail loops:

  The "redirect" command has considerations regarding loop prevention;
  see the command description for recommendations.

I can't remember now why this text is here. Maybe it is just alerting 
about buggy implementations that might loop due to buffer overflows, etc.?

I had submitted the following comment for -09:

    > 10.     Security Considerations

    >    Implementations SHOULD take measures to prevent languages from
    >    looping.

    I think it means "messages" not "languages"

"languages" was changed to "scripts" which seems no better.  I dunno,
maybe the original intent was "scripts" but I still don't see why that
would be there.  The reminder about message loops seems appropriate to me
for this section.

A couple of the other changes look familiar too :)