Re: [Anima-bootstrap] Discussion re. encoding of ACP parameters in LDevID

Toerless Eckert <eckert@cisco.com> Wed, 15 June 2016 02:24 UTC

Date: Tue, 14 Jun 2016 19:24:41 -0700
From: Toerless Eckert <eckert@cisco.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima-bootstrap/Ffpu88H5VqyTVKwktnXGS2Xwfj8>
Cc: anima-bootstrap@ietf.org
Subject: Re: [Anima-bootstrap] Discussion re. encoding of ACP parameters in LDevID

On Wed, Jun 15, 2016 at 02:20:07PM +1200, Brian E Carpenter wrote:
> On 15/06/2016 11:34, Toerless Eckert wrote:
> 
> ...
> > The IPv6 address is lifetime stable
> 
> Define lifetime please.

As long as the cert is valid.

> ...
> > So: My Favourite is actually the rfc822addr. Aka: An email-address:
> > 
> >      anima.acp+FD99:B02D:8EC3:0:200:0:6400:1@example.org
> 
> I've got no strong preference here but I want to add a constraint.
> It's essential that if we include a literal IP address, it is canonical
> so that text comparisons will always succeed. Therefore following RFC 5952
> is a MUST (even though that RFC itself is only a SHOULD).
> 
> Therefore your example should be
> 
> anima.acp+fd99:b02d:8ec3:0:200:0:6400:1@example.org
> 
> (and, btw,
> anima.acp+fd99:b02d:8ec3::200:0:6400:1@example.org
> would be incorrect even though it's the same binary address)

Ack. I continue to copy & paste IPv6 addresses from some random Cisco IOS
CLI, which alas is not RFC 5952 compliant ;-(

Cheers.
    Toerless
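
Added example, not part of the original message or of any ANIMA implementation: a check that the IPv6 literal inside an rfc822Name of the form discussed in this thread is in RFC 5952 canonical text form, so that plain string comparison of names is safe. The function names are hypothetical, the "anima.acp+" prefix and the sample names are taken from the thread, and the domain part is compared as given.

```python
import ipaddress

PREFIX = "anima.acp+"  # local-part prefix from the example in the thread


def parse_acp_name(name):
    """Split 'anima.acp+<ipv6>@<domain>' into (address text, domain)."""
    local, sep, domain = name.rpartition("@")
    if not sep or not domain or not local.startswith(PREFIX):
        raise ValueError("not an ACP rfc822Name: %r" % name)
    return local[len(PREFIX):], domain


def check_acp_name(name):
    """Return the parsed address, whether its text is canonical, and the
    canonical spelling of the whole name.

    str(IPv6Address) yields lowercase hex, no leading zeros, and '::' only
    for a run of two or more zero fields, which are the RFC 5952 rules
    that matter for the addresses in this thread.
    """
    addr_text, domain = parse_acp_name(name)
    try:
        addr = ipaddress.IPv6Address(addr_text)
    except ipaddress.AddressValueError as exc:
        raise ValueError("bad IPv6 literal in %r: %s" % (name, exc))
    canon = str(addr)
    return {
        "address": addr,
        "canonical": addr_text == canon,
        "expected": PREFIX + canon + "@" + domain,
    }


if __name__ == "__main__":
    # The three spellings from the thread: same binary address, but only
    # the first is acceptable when names are compared as text.
    for sample in (
        "anima.acp+fd99:b02d:8ec3:0:200:0:6400:1@example.org",
        "anima.acp+FD99:B02D:8EC3:0:200:0:6400:1@example.org",
        "anima.acp+fd99:b02d:8ec3::200:0:6400:1@example.org",
    ):
        result = check_acp_name(sample)
        verdict = "ok" if result["canonical"] else "REJECT"
        print(verdict, sample, "->", result["expected"])
```

A verifier that enforces the MUST would reject any name whose "canonical" flag is false rather than silently rewriting it, since the certificate content is what peers compare.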