| Who we are | Organizations | Get Involved! | Helpdesk |
| Weblog | About FLORA | Server project | F.A.Q. |
|
|
|||||||
| ||||||||
Election 2006 (and beyond): Digital Copyright Canada
From: Russell McOrmond <russell_-at-_flora.ca>
To: CANadian OPENsource Education and Research <discuss_-at-_canopener.ca>
Date: Sat, 30 Aug 2003 13:25:55 -0400 (EDT)
Along with a reference as to who Keith Moore is and how many RFC's he was involved in http://www.cs.utk.edu/~moore/publications.html , this makes for a good reference to have handy on the whole "email virus" vendor negligence issue. Adequately adhering to the relevant RFC's for file attachments should become a requirement for government procurement of email products, which would exclude Microsoft Outlook among others from use by the Government. There is precedent for requiring standards as part of NAFTA Chapter 10 on government procurement, but NAFTA requires a competing vendor to challenge a poor procurement. The message I am forwarding is published online as http://www1.ietf.org/mail-archive/ietf/Current/msg21845.html and http://vesuvio.ipv6.tilab.com/pipermail/ietf_censored/2003-August/003638.html I will be adding this reference to my http://www.flora.ca/no-outlook.shtml explaining why I do not accept file attachments from users of Microsoft Outlook, and why I recommend other people do the same. Outlook is not the only program with this problem, but it is by far the worst, and was the defective software that was then emulated by other vendors who then broke their products to be bug-compatible. Thanks to MCR for forwarding this to me. --- Russell McOrmond, Internet Consultant: <http://www.flora.ca/> Governance software that controls ICT, automates government policy, or electronically counts votes, shouldn't be bought any more than politicians should be bought. -- http://www.flora.ca/russell/ ---------- Forwarded message ---------- From: Keith Moore <NOSPAM@cs.utk.edu> To: "Christian Huitema" <NOSPAM@windows.microsoft.com> Cc: NOSPAM@cs.utk.edu, ietf@ietf.org Subject: Criminals Message-Id: <20030830000942.2a8df81f.moore@cs.utk.edu> In-Reply-To: <DAC3FCB50E31C54987CD10797DA511BA04EE2557@WIN-MSG-10.wingroup.windeploy.ntdev.microsoft.com> References: <DAC3FCB50E31C54987CD10797DA511BA04EE2557@WIN-MSG-10.wingroup.windeploy.ntdev.microsoft.com> X-Mailer: Sylpheed version 0.9.3 (GTK+ 1.2.10; i386--netbsdelf) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new and ClamAV at cs.utk.edu Content-Transfer-Encoding: 7bit Precedence: bulk Sender: ietf_censored-admin@vesuvio.ipv6.tilab.com Errors-To: ietf_censored-admin@vesuvio.ipv6.tilab.com X-BeenThere: ietf_censored@vesuvio.ipv6.tilab.com X-Mailman-Version: 2.0.13 List-Unsubscribe: <http://vesuvio.ipv6.tilab.com/mailman/listinfo/ietf_censored>, <mailto:ietf_censored-request@vesuvio.ipv6.tilab.com?subject=unsubscribe> List-Id: <ietf_censored.vesuvio.ipv6.tilab.com> List-Post: <mailto:ietf_censored@vesuvio.ipv6.tilab.com> List-Help: <mailto:ietf_censored-request@vesuvio.ipv6.tilab.com?subject=help> List-Subscribe: <http://vesuvio.ipv6.tilab.com/mailman/listinfo/ietf_censored>, <mailto:ietf_censored-request@vesuvio.ipv6.tilab.com?subject=subscribe> List-Archive: <http://vesuvio.ipv6.tilab.com/pipermail/ietf_censored/> Date: Sat, 30 Aug 2003 00:09:42 -0400 > User can do click on > attachments with many mailers, not just Outlook and OE. Note that any mailer that does this violates the MIME specifications, which specifically warn against the presentation of content-types not known to be safe, against a mail reader implementing the ability to present arbitrary content via a content-type parameter (e.g. "filename"), and recommends that the most that should be done with unknown content-types is to offer to save the content to a file. The working group that produced MIME went to a lot of effort to research the hazards associated with transmission of arbitrary content by email, and to craft a series of recommendations that would minimize the harm done. One vendor in particular deliberately ignored those recommendations. It also produced mail readers that didn't properly label content on outgoing mail and ignored the content-type parameter on incoming mail, instead looking at the suffix of a nonstandard "filename" parameter (which was only intended for use with application/octet-stream). When I was on IESG, a program manager with that company (in charge of an email product) assured me that this decision was deliberate, as it was thought that it would maximize their company's penetration in the market. Obviously, it did serve that end, and other vendors of mail readers for that platform were forced to emulate (to some degree) the nonstandard and dangerous behavior of the market leader's products. This decision has cost the network billions of dollars, including significant costs to people who do not use that company's software products (and who therefore aren't bound by its EULAs). Words that come to mind to describe this include: Willful, Criminal, and Negligence. Another word that comes to mind: Prison. As in "some people need to spend a lot of time there". _______________________________________________ This message was passed through ietf_censored@carmen.ipv6.cselt.it, which is a sublist of ietf@ietf.org. Not all messages are passed. Decisions on what to pass are made solely by Raffaele D'Albenzio.
| Please read the FLORA.org Terms and Conditions before you submit information to FLORA.org | |
Join the Blue Ribbon Online Free Speech Campaign(USA) (Canada) |
 FLORA Community Web
(FLORA.ORG) is sponsored by FLORA
Community Consulting (FLORA.CA).
|