--On Thursday, February 03, 2005 7:57 PM -0500 stanislav
shalunov <shalunov(_at_)internet2(_dot_)edu> wrote:
Internet-draft announcements, as they are currently generated,
include a MIME-based mechanism to request internet-drafts via
email. Do you use this feature? If you do, could you please
let me know?
Background: the IETF Tools team is working on a draft,
draft-ietf-tools-notification-03.txt, that specifies the
requirements for a document notification service. We'd like
to better understand how email document delivery is actually
used.
Please be a little bit careful about how and where this question
is asked. Most of the active participants in the IETF have
reasonably good, online, access to the Internet with
cost-effective bandwidth (at least much of the time). But there
are people for whom those things are not the case, but who want
to track our work and should be able to do so. They may or may
not read the open IETF list but, given recent volume surges, I'd
guess most of them do not. For them, the email access, and
maybe even the remote-body-part access, can be important
features -- more important, perhaps, for RFC retrieval than for
I-D retrieval, but important nonetheless.
While I'm on the subject,
--On Friday, February 04, 2005 8:41 AM +0000 Tim Chown
<tjc(_at_)ecs(_dot_)soton(_dot_)ac(_dot_)uk> wrote:
Hi,
Our anti-virus system tags all IETF draft announcements as
being potentially dangerous. I suspect because of the unusual
options to fetch the data that are encoded in the MIME header.
We would certainly like to see that feature removed from IETF
announcements, as it seems archaic. This may not be within
the remit of your draft, but you may wish to consider what
effect various MIME options have on anti-virus systems, and
potential vulnerabilities that lie within them.
Hmm. There is a case to be made that those external body part
options are as safe, or safer, than a delivered attachment: you
can, in principle, inspect either before opening or executing
it, but I can easily imagine one of those "a good/fun user
experience is more important than security or bullet-proof-ness"
MUAs being designed to provide better access for an actual
virus-checker for the external body parts. Certainly an
external body part is as safe and probably safer than an
imbedded URL, especially in an MUA that opens those URLs
automatically.
So my instinctive response to that request is "have you
considered getting your anti-virus software fixed?".
john
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf