Re: [Anima] [Technical Errata Reported] RFC8995 (7263)
Esko Dijk <esko.dijk@iotconsultancy.nl> Sat, 10 December 2022 11:24 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/E_G824E93hAkLFPblbFYvM-pI6Q>
Hi all,

The proposed text still needs some work here; I would urge the WG not to accept this in current form. That said, using normative language in this specific part certainly helps to clarify the requirements for implementers.

As a side question to all about IETF requirements language - what is the difference between "X is included." and "X MUST be included." ? For many years I have read sentences like "X is included" or "X is set to Y" as equivalent to a MUST. And such sentences are used a lot in RFCs. Surely we don't want to replace all of these cases by normative language? But if it helps to clarify things for this specific case, then fine to do it. The erratum motivation / note was not saying why this particular case needs normative language.

A few points:

* corrected text has "SHOULD BE" which isn't RFC 2119 compliant.
* actually, the Registrar MUST include the idevid-issuer field, not intended as a "SHOULD". Reason: the Registrar wouldn't know if the MASA would need this field or not -- there is no signaling in-protocol by MASA to tell whether it wants this field -- so the only thing the Registrar can do is include it to cover all cases. There is no reason for the Registrar to exclude it. Or at least, I don't know one and no reason is given in the erratum note.

Regards
Esko

-----Original Message-----
From: Anima <anima-bounces@ietf.org> On Behalf Of RFC Errata System
Sent: Friday, December 9, 2022 16:21
To: pritikin@cisco.com; mcr+ietf@sandelman.ca; tte+ietf@cs.fau.de; Michael.H.Behringer@gmail.com; kent+ietf@watsen.net; warren@kumari.net; rwilton@cisco.com; tte@cs.fau.de; shengjiang@bupt.edu.cn
Cc: rufus.buschart@siemens.com; anima@ietf.org; rfc-editor@rfc-editor.org
Subject: [Anima] [Technical Errata Reported] RFC8995 (7263)

The following errata report has been submitted for RFC8995, "Bootstrapping Remote Secure Key Infrastructure (BRSKI)".

--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid7263

--------------------------------------
Type: Technical
Reported by: Rufus Buschart <rufus.buschart@siemens.com>

Section: 5.5

Original Text
-------------
idevid-issuer: The Issuer value from the pledge IDevID certificate is included to ensure unique interpretation of the serial-number. In the case of a nonceless (offline) voucher-request, an appropriate value needs to be configured from the same out-of-band source as the serial-number.

Corrected Text
--------------
idevid-issuer: The Issuer value from the pledge IDevID certificate SHOULD BE included to ensure unique interpretation of the serial-number. In the case of a nonceless (offline) voucher-request, an appropriate value MUST be configured from the same out-of-band source as the serial-number.

Notes
-----
The current language is no language according to RFC 2119.

Instructions:
-------------
This erratum is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party can log in to change the status and edit the report, if necessary.

--------------------------------------
RFC8995 (draft-ietf-anima-bootstrapping-keyinfra-45)
--------------------------------------
Title : Bootstrapping Remote Secure Key Infrastructure (BRSKI)
Publication Date : May 2021
Author(s) : M. Pritikin, M. Richardson, T. Eckert, M. Behringer, K. Watsen
Category : PROPOSED STANDARD
Source : Autonomic Networking Integrated Model and Approach
Area : Operations and Management
Stream : IETF
Verifying Party : IESG

_______________________________________________
Anima mailing list
Anima@ietf.org
https://www.ietf.org/mailman/listinfo/anima
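
An added illustration of the point argued in the reply above, not code from the message, from RFC 8995 or from any BRSKI implementation: a Registrar that always puts idevid-issuer into its voucher-request, and two MASA device inventories showing that a serial-number alone resolves at one MASA and is ambiguous at another, which the Registrar cannot tell apart in advance. The function names, device records and 20-byte issuer values are constructed for the example, the issuer is handled as opaque bytes, and signing of the request is left out.

```python
import base64
from collections import namedtuple

# Hypothetical MASA inventory record: issuer bytes, serial-number, device name.
Device = namedtuple("Device", "issuer serial device_id")

def build_registrar_voucher_request(serial_number, idevid_issuer, nonce=None):
    """Registrar side: idevid-issuer is always included, never optional."""
    if not idevid_issuer:
        raise ValueError("idevid-issuer must come from the pledge IDevID certificate")
    voucher = {
        "serial-number": serial_number,
        "idevid-issuer": base64.b64encode(idevid_issuer).decode("ascii"),
    }
    if nonce is not None:  # nonceless (offline) requests simply omit the nonce
        voucher["nonce"] = base64.b64encode(nonce).decode("ascii")
    return {"ietf-voucher-request:voucher": voucher}

def masa_resolve(devices, request):
    """MASA side: select exactly one device, or refuse to issue a voucher."""
    voucher = request["ietf-voucher-request:voucher"]
    matches = [d for d in devices if d.serial == voucher["serial-number"]]
    issuer_b64 = voucher.get("idevid-issuer")
    if issuer_b64 is not None:
        issuer = base64.b64decode(issuer_b64)
        matches = [d for d in matches if d.issuer == issuer]
    if len(matches) != 1:
        raise LookupError(f"{len(matches)} devices match; cannot select one")
    return matches[0].device_id

def strip_issuer(request):
    """Model a Registrar that treated the field as optional and left it out."""
    voucher = dict(request["ietf-voucher-request:voucher"])
    voucher.pop("idevid-issuer", None)
    return {"ietf-voucher-request:voucher": voucher}

# Constructed sample data: two issuing CAs that both issued serial-number "1001".
CA_A = bytes.fromhex("a1" * 20)
CA_B = bytes.fromhex("b2" * 20)
SINGLE_CA_MASA = [Device(CA_A, "1001", "plant-sensor-1001")]
MULTI_CA_MASA = [Device(CA_A, "1001", "line-a-1001"),
                 Device(CA_B, "1001", "line-b-1001")]

if __name__ == "__main__":
    req = build_registrar_voucher_request("1001", CA_B)
    print(masa_resolve(MULTI_CA_MASA, req))
    try:
        masa_resolve(MULTI_CA_MASA, strip_issuer(req))
    except LookupError as exc:
        print("without idevid-issuer:", exc)
```
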