Re: [Ace] question about wrong types
Ludwig Seitz <ludwig@sics.se> Tue, 25 October 2016 05:52 UTC
Return-Path: <ludwig@sics.se>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6E2C312954C for <ace@ietfa.amsl.com>; Mon, 24 Oct 2016 22:52:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sics.se
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GfBt78C7-npl for <ace@ietfa.amsl.com>; Mon, 24 Oct 2016 22:52:22 -0700 (PDT)
Received: from mail-lf0-x236.google.com (mail-lf0-x236.google.com [IPv6:2a00:1450:4010:c07::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9FCE0127735 for <ace@ietf.org>; Mon, 24 Oct 2016 22:52:21 -0700 (PDT)
Received: by mail-lf0-x236.google.com with SMTP id x79so214125821lff.0 for <ace@ietf.org>; Mon, 24 Oct 2016 22:52:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sics.se; s=google; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to; bh=EPOCv0F2RAxVrKVYLW42ZPHpsX38X8YnhYF7JxpKTts=; b=IPDXTwnmR/geKVBN8/cjtMtDkIQ6sg7gcZnlh1aGjG0cAGy/27UIil6inmNz/VUDKL cCGoeTq144INaMDWT4IrGadMm8cB4rd2/QAw9AgDMM7YE8+gSGTXjYTEYKZKMgeURuTQ lOXPskc5KGrLqZxIhr9FiC6KyrzajVu7xm2SBMiyZXHD+hBdoY/YjZCQSDQFXnuDrjRy xBltuDaVcz/7IlQwQeszqlNurAKr7q3nhliavvXczIs8xp1ImddlIA4eT3TBfpoaLamc xUQym658J2DKYdZ8pDqOldiGRkV9JSYwGBA/JaUtACweFesUGiHktaS9zrk9rYvLa2MI no9w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to; bh=EPOCv0F2RAxVrKVYLW42ZPHpsX38X8YnhYF7JxpKTts=; b=PL/Sjbw9IdqbFyMTe/DPWKy3LAPGhM6cras3JL+LLf7UJ7GOYBvyfTWT3/cu48NPr5 BO06KznmuEVTg9L/VuIERvaXJOqpCU9wkR9q8jWZpokWY7SeFQE9JCeHxxm+luWhjMlP uMnOaKibIgkk9RyH1ShdG366BiA2pNtpQdPMOavb6a1ln8RECuRKkKbSFJK5ZRnMLqA3 GUY6us0iRUSbkzpWGMepxKjhGuKA/AGVBDslQ7o0H6ROzYJpJ4KCnJMtfG4UosJQIs3W hvsBLPbnqvccWQL5BAqU/tk4asXJHrsohG0E5DFDoIJsn50JoiqDBPG6bjzi1R/+p6ns OqsQ==
X-Gm-Message-State: ABUngvc66VrKg8ZXf/p/aa3gasdBbWNnEJfcKuxTblutvMTEQ35oOQCXxht7GE47PrdtCgfo
X-Received: by 10.25.92.152 with SMTP id u24mr8124540lfi.114.1477374739481; Mon, 24 Oct 2016 22:52:19 -0700 (PDT)
Received: from [192.168.0.166] ([85.235.12.155]) by smtp.gmail.com with ESMTPSA id o194sm3626844lfo.42.2016.10.24.22.52.18 for <ace@ietf.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 24 Oct 2016 22:52:18 -0700 (PDT)
To: ace@ietf.org
References: <094701d22c19$90a85080$b1f8f180$@augustcellars.com> <CAF2hCbZiuBUQUaWS+SkK8W+wduOep=TMeH1gXysbw_A8eqxe8A@mail.gmail.com>
From: Ludwig Seitz <ludwig@sics.se>
Message-ID: <0472a2d9-2753-6914-c8f8-3871592e5b6f@sics.se>
Date: Tue, 25 Oct 2016 07:52:18 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0
MIME-Version: 1.0
In-Reply-To: <CAF2hCbZiuBUQUaWS+SkK8W+wduOep=TMeH1gXysbw_A8eqxe8A@mail.gmail.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="------------ms020604060101030206000005"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/Zd9MrG97jPxFU_QlVowBKtMEfCs>
Subject: Re: [Ace] question about wrong types
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Oct 2016 05:52:23 -0000
On 2016-10-24 17:42, Samuel Erdtman wrote: > Hi, > > I would opt for reject, and if the we think it is to narrow to require > the tag then we should explicitly change that. > > //Samuel > Reject sounds reasonable, otherwise we open up for potential data-format swapping attacks. /Ludwig -- Ludwig Seitz, PhD SICS Swedish ICT AB Ideon Science Park, Building Beta 2 Scheelevägen 17, SE-223 70 Lund Phone +46(0)70-349 92 51 The RISE institutes SP, Swedish ICT and Innventia are merging in order to create a unified institute sector and become a stronger innovation partner for businesses and society. At the end of the year we will change our name to RISE. Read more at www.ri.se/en/about-rise
- [Ace] question about wrong types Jim Schaad
- Re: [Ace] question about wrong types Samuel Erdtman
- Re: [Ace] question about wrong types Ludwig Seitz