[prev in list] [next in list] [prev in thread] [next in thread]
List: kc-kde
Subject: [kc-kde] Update
From: "Timothy R. Butler" <tbutler () uninetsolutions ! com>
Date: 2002-06-03 5:42:54
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi again,
I had a small bug in my XML, please find an updated bit attached.
-Tim
- --
- ----------------------------------------------------------------
Timothy R. Butler tbutler@uninetsolutions.com
Universal Networks http://www.uninet.info
Christian Portal and Search Tool: http://www.faithtree.com
Open Source Migration Guide: http://www.ofb.biz
============= "Christian Web Services Since 1996" ==============
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8+wHxK37Cns9gJ0gRAgP6AKCVTkWmr31+CTWuP4vKiiv2UM1kcwCcDx67
XwIVtoJnEC9u1NeZ7CqfUsk=
=GCfq
-----END PGP SIGNATURE-----
["kc 2002.06.02.xml" (text/xml)]
<section
title="KOffice Mimetypes Submitted to IETF for Public Review"
author="Timothy R. Butler"
email="tbutler@uninetsolutions.com"
subject="Draft template for registration of KOffice mimetypes"
archive="http://lists.kde.org/?l=koffice-devel&m=102189872531684&w=2"
posts="28"
startdate="May 20, 2002 12:37:13 +0200"
enddate="2002-05-26 19:24:37 +0200">
<p>Continuing his attempt to help get KDE's mimetypes registered with IANA,
<a href="mailto:Marc.Mutz@uni-bielefeld.de">Marc Mutz</a> wrote in saying:</p>
<quote who="Marc Mutz">
<p>Now that the ZIP format has arrived in KOffice, we can finally register
the KOffice mime types.</p>
<p>Please read the template thouroughly, since I intend to send it to the
ietf-types mailing list for a two-week comment period before it goes
into the IANA registry.</p>
<p>I have changed the magic numbers from what I found in kdelibs/kio/magic
in anticipation that the new mime types will also be used internally
(at least you already test for both app/x-kapp and app/vnd.kde.kapp in
the source).</p>
</quote>
<p>His message continued with a generic registration that could be used for the \
various KOffice applications. Marc finished off with a question, saying, <quote \
who="Marc Mutz">Please tell me for which KOffice apps this template holds and for \
which it needs modifications.</quote> Marc's message created a flurry of responses, \
including an answer to his question from <a href="david@mandrakesoft.com">David \
Faure</a>:</p>
<quote who="David Faure">
<p>I think it applies to those, they all use the KoDocument methods for \
loading/saving: karbon, kchart, kformula, kivio, kontour, kpresenter, kspread, \
kword</p>
<p>What do we do about the apps that are not released yet?
kdatabase and kplato will surely use xml+zip, but we could register those apps
only when they exist, right?</p>
<p>Krita: will it have xml+zip as a native format, or will it only load/save images \
(jpeg, png etc.) ? Kugar doesn't appear to have an xml+zip format.</p>
</quote>
<p>After the discussion had settled, Marc wrote in again with an update:</p>
<quote who="Marc Mutz">
<p>Following is the expanded list of mime types for these KOffice apps:
kword, kspread, kpresenter, kformula, kchart, kivio, kontour, karbon</p>
<p>This public review will be not be very extensive, though, so don't count
on others doing it - do it yourself! ;-)</p>
</quote>
<p><a href="mailto:nicog@snafu.de">Nicolas Goutte</a> responded with a question \
concerning the security information included in the proposal:</p>
<quote who="Nicolas Goutte">
<p> I am sorry to be picky again!</p>
<p>"ZIP archives, XML files and supported image files"</p>
<p>Do WMF (Windows Meta Files) count as images too? What is the security status
of those</p>
</quote>
<p>A small discussion on security ensued, to which <a \
href="mailto:zander@planescape.com">Thomas Zander</a> replied:</p>
<quote who="Thomas Zander">
<p>svg/eps/wml etc are all embedded in the document (but that is optional to
begin with). The document that uses the mime-type is a zip; so basically
you can include any executable/shell script virus in there as you want.
The statement that it does not introduce extra security concerns it therefor
complete.</p>
<p>For the people that are afraid that I am sidestepping the problem with that;
on the question of using any scripts or other possible virii like code in the
archive we keep and always will have the statement that we believe in seperation
of document-data and executable-data. We will never allow something to be
executed when it (or its container) is marked as document data.</p>
</quote>
<p>Finally, Marc wrote in saying <quote who="Marc Mutz">As you've seen, I
just sent the mime type reg's to ietf-types@iana.org for a two-week \
review.</quote></p>
</section>
_______________________________________________
kc-kde mailing list
kc-kde@mail.kde.org
http://mail.kde.org/mailman/listinfo/kc-kde
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic