Re: RFC archival format, was: Re: More liberal draft formatting standard

Douglas Otis <dotis at mail dash abuse dot org> wrote:

> ...  The concern related to the use of the Word input format, which 
> has changed in 97, 00, 02, 03, 07, and is likely again in 10, remains 
> that of security.  Changes are not always apparent, and even format 
> documentation can not be relied upon when details related to active 
> components are ill defined.  The security concern is in regard to the 
> embedded program language, especially when the program is to be relied 
> upon as the means to generate IETF compliant outputs.  The Internet is 
> not a safe place, where a practice of embedding programs that can 
> cause harm into what could have been innocuous text should be 
> considered a bad practice.  Currently, collaboration between 
> individuals might be accomplished by sharing xml2rfc input files, 
> which are also retained with the plain text  RFC output.  Reliance 
> upon Word input files as a replacement for xml2rfc files will 
> invariably lead to a bad practice of depending upon potentially 
> harmful embedded programs.
OK, I've had just about enough of this fearmongering.  Why on Earth 
would someone use Visual Basic within Word to write a utility to convert 
Microsoft Word ***XML*** documents to an IETF-acceptable format, when 
there are much better tools for processing XML?  Why would someone not 
specifically write such a utility to ignore or reject any Word document 
containing executable code?  Are we that stupid?
Based on the logic I am reading here, I should stop writing code in 
Visual Studio because it could be used to create a worm or virus, should 
stop turning on my computer because the box could be used to beat 
someone over the head, should stop driving my car to work in the morning 
because someone could crash it into a preschool.  We shouldn't try to 
stop people from using every tool that could potentially, theoretically, 
be misused or used intentionally for evil.  I use Word almost every day 
and I haven't encountered a macro virus for years, probably because I 
don't open e-mail attachments from unknown senders and don't visit 
MySpaceCoolAddOns.com, and have also learned to walk upright.
I don't plan to respond further to this thread because it is obviously 
going nowhere.
This, on the other hand, from Iljitsch van Beijnum <iljitsch at muada 
dot com>:
> This solves the problem that converting anything else into XML2RFC a 
> reverse lossy process: XML2RFC needs more than what other formats can 
> supply so automatic conversion (from, for instance, Word) is 
> impossible.
is a genuinely useful and productive counterargument against the whole 
"word2rfc" concept.
--
Doug Ewell  *  Thornton, Colorado, USA  *  RFC 4645  *  UTN #14
http://www.ewellic.org
http://www1.ietf.org/html.charters/ltru-charter.html
http://www.alvestrand.no/mailman/listinfo/ietf-languages  ˆ

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf