
Re: Issue 5.1) SSH End of message directive



Wes Hardaker wrote:
On Thu, 19 Feb 2004 20:02:52 -0500, Ed Roskos <ed.roskos@utstar.com> said:


Ed> But SSH, as I see it, must fill a particular need, and that is
Ed> scripting.  How do you explain to someone that they cannot just
Ed> cut-and-paste, they must calculate bytes for the message, while
Ed> they are playing around getting their scripts right in the first
Ed> pass?

Oh, sorry if you thought I was advocating byte counters.  I wasn't.  I
was just pointing out there are two ways to get around problems like
this: forced escaping and byte lengths.

Note that BEEP has byte length counters in it as well, which I've
pointed out before because I wasn't sure script-writers would want it.

I would advocate something like byte-counters for non-scripting interfaces. Haven't played with BEEP yet, but I can't wait. Cool stuff =)

Ed> What we need for SSH is a simple way to stream in your messages
Ed> which does not introduce possible security breaches.  I think
Ed> we pretty much have such a method.

Which is? Disallowing CDATA? That'd be unpopular I bet.

Nah, disallowing CDATA was killing a fly with a nuke. Gilbert had a far better idea. If you use CDATA with the SSH protocol, just make sure you don't do so with the EOM marker on output, which implementers should be able to do pretty easily.

To see if we have the bases covered with this approach, here are
the ideas again (correct me if I'm wrong!):

On input, if the user chooses to use CDATA with the EOM
marker, an implementation would wind up doing one of two things.
Either it recognizes it is inside of a CDATA section and handles
it correctly, or it does not recognize this, falsely identifies
the end-of-message, and a syntax error occurs resulting in no
update.

On output, we just have to be sure that we do not render the
end-of-message text verbatim.  This can only happen in a
CDATA section, AFAIK.  You can always render with &lt; and
&gt; outside of a CDATA block.  Since an XML parser will pull
in text after stripping out the CDATA syntax and converting
escaped characters in non-CDATA text, you would never know
the difference, and the framing by a script writer will
work.

--
to unsubscribe send a message to netconf-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/netconf/>
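The input and output cases described in the message above, as an added example that is not part of the original post or of any NETCONF implementation. The marker string `EOM` is a constructed placeholder (the post does not spell out the real marker text), and all function names are hypothetical.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

# Assumption: placeholder marker; the post does not spell out the real EOM text.
EOM = "<?EOM-PLACEHOLDER?>"

def render_cdata(text):
    """Naive output: wrap the value in CDATA, so it is emitted verbatim."""
    return "<data><![CDATA[" + text + "]]></data>"

def render_escaped(text):
    """Output rule from the post: never emit the marker verbatim.
    Outside CDATA, < and > become &lt; and &gt; (escape() also handles &)."""
    return "<data>" + escape(text) + "</data>"

def render(text):
    """Use CDATA only when the value cannot collide with the marker."""
    if EOM in text or "]]>" in text:
        return render_escaped(text)
    return render_cdata(text)

def frame(documents):
    """Sender side: concatenate documents, each followed by the marker."""
    return "".join(doc + EOM for doc in documents)

def split_frames(stream):
    """Script-style receiver: split on the marker with no XML awareness."""
    parts = stream.split(EOM)
    return parts[:-1]  # text after the last marker is an incomplete message

def parse_all(stream):
    """Return each framed message's text, or None where the chunk fails to parse."""
    out = []
    for chunk in split_frames(stream):
        try:
            out.append(ET.fromstring(chunk).text)
        except ET.ParseError:
            out.append(None)  # false end-of-message -> syntax error, no update
    return out

# Constructed sample value that happens to contain the marker.
SAMPLE = "banner text " + EOM + " more text"
```

With `render_cdata`, the marker inside the value splits one message into two chunks that both fail to parse; with `render`, the XML parser hands back the identical text and the marker-based framing holds.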