ietf

Re: pgp signing in van

2013-09-10 08:04:43
On Sep 10, 2013, at 4:41 AM, t.p. <daedulus(_at_)btconnect(_dot_)com> wrote:
> for reasons of
> security, of course; html has far too many attack vectors to allow it to
> be processed in e-mail

If that's true, why is it safe for you to use HTML in a web browser? Is it
because you feel that the HTTP trust model is safer? Are you trying to avoid
attacks via spam? If the former, you are probably mistaken. If the latter,
it seems to me that PGP-signed messages would help with this, and that you
ought to switch to a non-broken MUA.

Your assumption about HTML email is particularly worrisome because it is
similar to an assumption people frequently make that NATs and firewalls keep
them safe because unsolicited incoming connections are dropped. This is of
course not true, because it's not that difficult to get you to make an outgoing
connection to an address that leads to an attack against your browser.

It's certainly easier to attack you by sending you spam, and prohibiting HTML
in email does protect you from attacks via HTML flaws by spammers. But you
pay a pretty heavy price for that protection, and it's one that most email
users would not consider paying, so by doing this you are essentially deciding
not to eat our dogfood.

If we IETFers do this sort of thing habitually, we wind up living in a security
context that most users do not live in, and wind up designing protocols that
really don't address the needs of most users. This is Very Bad.

