headers
rra | 5 Sep 2008 20:55
Picon
Favicon
Gravatar

Commit in docs/usefor (usepro.xml)


    Date: Friday, September 5, 2008  <at>  11:55:27
  Author: eagle
Revision: 4949

Fix accidentally dropped word.

Modified:
  docs/usefor/usepro.xml

Modified: docs/usefor/usepro.xml
===================================================================
--- docs/usefor/usepro.xml	2008-09-05 04:01:48 UTC (rev 4948)
+++ docs/usefor/usepro.xml	2008-09-05 18:55:27 UTC (rev 4949)
 <at>  <at>  -1706,7 +1706,7  <at>  <at> 

       <t>Contrary to <xref target="RFC1036" />, the presence of a Subject
       header field starting with the string "cmsg&nbsp;" MUST NOT cause an
-      article to interpreted as a control message.  Agents MAY reject an
+      article to be interpreted as a control message.  Agents MAY reject an
       article with no Control header field and such a Subject header field
       as ambiguous.  Likewise, the presence of a &lt;newsgroup-name>
       ending in ".ctl" in the Newsgroups header field or the presence of
Permalink | Reply | 0 comments |
headers
Harald Tveit Alvestrand | 6 Sep 2008 13:54
Picon

Last Call on USEFOR - procedures and reminder of deadline


As you probably have seen, Lisa was true to her promise and Last-Called 
usefor-12 on August 30, with a Last Call expiry date of September 12 (6 
days from now).

If you have comments you wish to record as Last Call comments, please 
follow the usual procedure:

- For any substantial issue, send a message with ISSUE: in the subject 
to the USEFOR mailing list, detailing ONE concern (or a group of closely 
related concerns).
Special since this is IETF Last Call: If you think the issue warrants 
IETF-wide attention, CC the IETF list (ietf <at> ietf.org).
- We won't issue any new versions until after the Last Call has ended. 
Russ can check in new changes into his repository on a continuous basis, 
but there shouldn't be a -13 before September 12 at the earliest, and 
probably later (giving the WG Chairs some time to look through any 
issues raised).
- The WG chairs will record any ISSUEs that they don't dismiss out of 
hand in the issue tracker (eventually), and prepare a summary after the 
close of the Last Call.

I would particularly like to ask Charles to go over his August 28 long 
commentary on -11 and check what issues remain in -12, and if any of 
them need to be raised above the editorial level.

I'm hoping that we'll close this WG soon.

                          Harald
(Continue reading)

Permalink | Reply | 1 comment |
headers
SM | 6 Sep 2008 17:36

Re: Last Call: draft-ietf-usefor-usepro (Netnews Architecture and Protocols) to Proposed Standard

At 17:06 29-08-2008, The IESG wrote:
>The IESG has received a request from the Usenet Article Standard Update
>WG (usefor) to consider the following document:
>
>- 'Netnews Architecture and Protocols '
>    <draft-ietf-usefor-usepro-12.txt> as a Proposed Standard

Section 3.4 of this I-D states that:

   "Contrary to [RFC2822], which implies that the mailbox or mailboxes in
    the From header field should be that of the poster or posters, a
    poster who does not, for whatever reason, wish to use his own mailbox
    MAY use any mailbox ending in the top level domain ".invalid"
    [RFC2606]."

The use of an invalid email address for the author can be a problem 
if the message goes through a news-to-mail gateway.  Section 3.10.1 
(Duties of an Outgoing Gateway) doesn't mention what should be done 
in such a case.  Section 3.6.2 of RFC 2822 mentions that:

   "In all cases, the "From:" field SHOULD NOT contain any mailbox that
    does not belong to the author(s) of the message."

Should such messages be discarded by a news-to-mail gateway as they 
are not meaningful in that medium?

That could be avoided by encapsulating the message in a new message 
and sending it with Content-Type application/news-transmission.  Such 
messages might show up as attachments in some MUAs though.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Russ Allbery | 7 Sep 2008 06:23
Picon
Favicon
Gravatar

ISSUE: 4.3 contradicts 5.2.3


I was reading over the current draft as part of a recent discussion on
news.admin.hierarchies and noticed that 4.3 contains the statement:

  One application/news-checkgroups message may contain information for one
  or more hierarchies and is considered complete for any hierarchy for
  which it contains a <valid-group>. In other words, an
  application/news-checkgroups body part consisting of:

      example.moderated         A moderated newsgroup (Moderated)
      example.test              An unmoderated test group

  is a statement that the example.* hierarchy contains two newsgroups,
  example.moderated and example.test, and no others. This media type
  therefore MUST NOT be used for conveying partial information about a
  hierarchy; if a group from a given hierarchy is present, all groups that
  exist in that hierarchy MUST be listed.

However, this is not true in the presence of chkscope in 5.2.3:

  A checkgroups message is interpreted as an exhaustive list of the valid
  groups in all hierarchies or sub-hierarchies with a prefix listed in the
  <chkscope> argument, excluding any sub-hierarchy where the <chkscope>
  argument is prefixed by "!". If no <chkscope> argument is given, it
  applies to all hierarchies for which group statements appear in the body
  of the message. Since much existing software does not honor the
  <chkscope> argument, the body of the checkgroups control message MUST
  NOT contain group statements for newsgroups outside the intended scope
  and SHOULD contain a correct newsgroup list even for sub-hierarchies
  excluded with "!" <chkscope> terms. News servers, however, MUST honor
(Continue reading)

Permalink | Reply | 2 comments |
headers
Russ Allbery | 9 Sep 2008 21:04
Picon
Favicon
Gravatar

Fwd: ISSUE: Checkgroups control messages


Forwarding by request, since Julien's mail isn't making it through
moderation of the list.

From: Julien ÉLIE <julien.elie <at> student.ecp.fr>
To: "Russ Allbery" <rra <at> stanford.edu>
Subject: Tr: ISSUE: Checkgroups control messages
Date: Tue, 9 Sep 2008 20:02:11 +0200

Hi,

I see a few issues about checkgroups (section 5.2.3):

* If I have a hierarchy like this one:

    fr.bienvenue
    fr.test

and if another administrator is in charge of the sub-hierarchy
fr.autres, with for instance:

    fr.autres
    fr.autres.fiction
    fr.autres.histoires

how can he specify in the Control: header that his checkgroups
contains fr.autres?

    Control: checkgroups fr.autres #1
(Continue reading)

Permalink | Reply | 3 comments |
headers
Charles Lindsey | 16 Sep 2008 17:41
Picon
Picon

Re: secdir review of draft-ietf-usefor-usepro-12


On Wed, 10 Sep 2008 02:03:24 +0100, Charles Clancy <clancy <at> ltsnet.net>  
wrote:

> I have reviewed this document as part of the security directorate's
> ongoing effort to review all IETF documents being processed by the
> IESG.  These comments were written primarily for the benefit of the
> security area directors.  Document editors and WG chairs should treat
> these comments just like any other last call comments.
>
> Document: draft-ietf-usefor-usepro-12
> Document Title: Netnews Architecture and Protocols
>
> This document is an updated to RFC 1036, and defines the Netnews system.  
>   This document specifically addresses the Netnews architecture, with  
> another document defining the message formatting (and NNTP being defined  
> in a separate document, which is the most popular transport protocol).
>
> Having personally run my campus Usenet server while in college 10 years  
> ago, this document brings back all sorts of fun memories of a  
> pre-blog/wiki world.  The major issue back then seemed to be keeping  
> alt.binaries from filling up your server's disk.
>
> Overall, Newnews is known to have a myriad of security flaws that have  
> persisted since its inception, much like SMTP.  Strangely there hasn't  
> been any major effort to that I'm aware of to institutionalize things  
> such as digital signatures to Netnews articles.  The document indicates  
> that such an effort is underway (see section 5.1).  Is that true?
>
> A major avenue of attack for Netnews is unauthenticated control messages
(Continue reading)

Permalink | Reply | 0 comments |
headers
Charles Lindsey | 16 Sep 2008 17:08
Picon
Picon

Re: Fwd: ISSUE: Checkgroups control messages


In <87prnd87k9.fsf <at> windlord.stanford.edu> Russ Allbery <rra <at> stanford.edu> writes:

>Forwarding by request, since Julien's mail isn't making it through
>moderation of the list.

>From: Julien ÉLIE <julien.elie <at> student.ecp.fr>
>To: "Russ Allbery" <rra <at> stanford.edu>
>Subject: Tr: ISSUE: Checkgroups control messages
>Date: Tue, 9 Sep 2008 20:02:11 +0200

>I see a few issues about checkgroups (section 5.2.3):

>* If I have a hierarchy like this one:

>    fr.bienvenue
>    fr.test

>and if another administrator is in charge of the sub-hierarchy
>fr.autres, with for instance:

>    fr.autres
>    fr.autres.fiction
>    fr.autres.histoires

>how can he specify in the Control: header that his checkgroups
>contains fr.autres?

>    Control: checkgroups fr.autres #1
(Continue reading)

Permalink | Reply | 2 comments |
headers
Charles Lindsey | 16 Sep 2008 16:28
Picon
Picon

Re: ISSUE: 4.3 contradicts 5.2.3


In <873akctwht.fsf <at> windlord.stanford.edu> Russ Allbery <rra <at> stanford.edu> writes:

>I think the fix would be to change to something like this:

>  ...and is considered complete for any hierarchy for which it contains
>  a <valid-group> unless accompanied by external information limiting
>  its scope (such as a <chkscope> parameter to a checkgroups control
>  message as described in Section 5.2.3)

>and at the end, add:

>  ...MUST be listed unless its scope is limited by external information.

Yes, that should cover it, but you might add that, where there IS
"external information" (and maybe the chkscope shold be mentioned
explicitly), it SHOULD be listed.

>but I'm not horribly happy with that.  It feels awkward.  I suppose the
>other way of going about it is to redefine hierarchy, but I think that
>would be tricky to do.

A bit awkward, but good enough for our purpose (unless anyone can come up
with something better).

--

-- 
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131 Fax: +44 161 436 6133   Web: http://www.cs.man.ac.uk/~chl
Email: chl <at> clerew.man.ac.uk      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
(Continue reading)

Permalink | Reply | 1 comment |
headers
Charles Lindsey | 16 Sep 2008 17:27
Picon
Picon

Re: Last Call on USEFOR - procedures and reminder of deadline


In <48C26F59.5000808 <at> alvestrand.no> Harald Tveit Alvestrand <harald <at> alvestrand.no> writes:

>As you probably have seen, Lisa was true to her promise and Last-Called 
>usefor-12 on August 30, with a Last Call expiry date of September 12 (6 
>days from now).

That seems a very short interval. I have been on hboliday for 10 days, and
the Last Call seems to have openened and closed within that time.

>I would particularly like to ask Charles to go over his August 28 long 
>commentary on -11 and check what issues remain in -12, and if any of 
>them need to be raised above the editorial level.

None of the issues I raised was fixed in -12 (bar one). I think it best if
Russ looks carefully through it and indicates which is is happy to accept
(possibly reworded) as editorial corrections.

The only items which probably need discussion here are:

1. The MUST NOT in 
  "the    Path header field MUST NOT contain a "POSTED" <diag-keyword>;"
in Proto-articles (3.4.1) (since no interoperability arises, and there
might be diagnostic benefit in allowing it to remain in there).

2. The wording in 5.4 (Supersedes header) which is clearly wrong as it
stands, but I am not sure of the best way to fix it.

Also, it needs to be realised that the resolution of the IR/IC issue was
made by arbitrary decision of the Chair. I agree there was no better way
(Continue reading)

Permalink | Reply | 0 comments |
headers
Charles Lindsey | 16 Sep 2008 16:22
Picon
Picon

Re: Last Call: draft-ietf-usefor-usepro (Netnews Architecture and Protocols) to Proposed Standard


In <6.2.5.6.2.20080906004844.0333aff0 <at> resistor.net> SM <sm <at> resistor.net> writes:

>Section 3.4 of this I-D states that:

>   "Contrary to [RFC2822], which implies that the mailbox or mailboxes in
>    the From header field should be that of the poster or posters, a
>    poster who does not, for whatever reason, wish to use his own mailbox
>    MAY use any mailbox ending in the top level domain ".invalid"
>    [RFC2606]."

>The use of an invalid email address for the author can be a problem 
>if the message goes through a news-to-mail gateway....

>   "In all cases, the "From:" field SHOULD NOT contain any mailbox that
>    does not belong to the author(s) of the message."

>Should such messages be discarded by a news-to-mail gateway as they 
>are not meaningful in that medium?

The practice of munging From addresses is widespread on Usenet (with or
without the use of 'invalid'), so it isn't going to go away. But anyone
who munges his from address assumes the risk that various agents will
decline to display it; his choice.

I think it is up to the discretion of the gateway administrator. If he
lets it through, some email servers (e.g. those that check From addresses
for existence in the DNS) may drop it. That is the risk the sender took.

So I would leave our wording as it stands.
(Continue reading)

Permalink | Reply | 0 comments |

Gmane