Re: [Anima] [netmod] [anima-wg/anima-brski-async-enroll] Definition of new assertion type (agent-proximity) for the voucher (#18)

Kent Watsen <kent+ietf@watsen.net> Fri, 18 June 2021 20:47 UTC

From: Kent Watsen <kent+ietf@watsen.net>
Message-ID: <0100017a20e0cf30-e926da4a-8fa5-44f7-ad08-21cbde8f7622-000000@email.amazonses.com>
Date: Fri, 18 Jun 2021 20:47:21 +0000
In-Reply-To: <32390.1624046989@localhost>
Cc: Andy Bierman <andy@yumaworks.com>, "Fries, Steffen" <steffen.fries@siemens.com>, "netmod@ietf.org" <netmod@ietf.org>, "anima@ietf.org" <anima@ietf.org>, "Werner, Thomas" <thomas-werner@siemens.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>
References: <anima-wg/anima-brski-async-enroll/issues/18@github.com> <19872.1623779796@localhost> <0100017a16ff590b-6803346f-2ef6-4b19-88bf-3c670e32d5a0-000000@email.amazonses.com> <CABCOCHQRJB3nca36bz+gVykw5fxym7ji3GJrVMcrsW+6uUopYg@mail.gmail.com> <c8c4ea615bb2450c9a1a9fccb956909f@siemens.com> <CABCOCHRs7npz4nv3KnfHSGaDEuskPbdOSn-bjXt83r+46VEaRg@mail.gmail.com> <06674cb9709f4bd6bc2af297b929163f@siemens.com> <CABCOCHRGYM3nkUaX4_quu3JpznYXDdwejD11ppWni3wU8tEbkA@mail.gmail.com> <32390.1624046989@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/SvZzDlmLPM-408X5cFSh8hs38SI>
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima/>


> On Jun 18, 2021, at 4:09 PM, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
> 
> 
> Kent, my apologies for not putting enough context with my email.
> Andy, thanks for the clarification.
> 
> As I understand, in order to add a new assertion to RFC8366's leaf
> "assertion", we have to revise RFC8366.
> 
> Question: was it a mistake to make this an assertion, if we wanted to
> be able to extend it?
> Can we do this via IANA registry in some way instead?

In hindsight, a more extensible solution would've been to define "leaf assertion" using "type identityref" instead of "type enumeration", as then external modules could define additional "identity" statements.  As Andy points out, the only way new enums can be added is via a module revision.

An IANA registry cannot be used to extend RFC 8366 now; if that were desired, it would have had to be defined by RFC 8366.  A revision of RFC 8366 could define such behavior, but then one might wonder why not use the revision to instead flip "leaf assertion" to "type identityref".

FWIW, "leaf assertion" is not used by SZTP (RFC 8572).

K.
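The enumeration-versus-identityref point in Kent's reply, shown side by side as an added YANG illustration. This is not text from RFC 8366, from the async-enroll draft, or from any of the thread's participants: the module names `example-voucher-enum`, `example-voucher-identityref` and `example-agent-proximity`, their namespaces and prefixes, and the base identity `assertion-type` are all constructed for the example; only the three enum values `verified`, `logged` and `proximity` mirror what RFC 8366's `assertion` leaf defines.

```yang
// Constructed example (not RFC 8366 text): the closed-enumeration form.
// A new value such as "agent-proximity" can only be added by publishing
// a revised version of this module, because an enumeration is closed.
module example-voucher-enum {
  yang-version 1.1;
  namespace "urn:example:voucher-enum";   // hypothetical namespace
  prefix vche;

  container voucher {
    leaf assertion {
      type enumeration {
        enum verified;    // the three values RFC 8366 defines
        enum logged;
        enum proximity;
        // enum agent-proximity;  <- would require a module revision
      }
      mandatory true;
    }
  }
}

// Constructed alternative: the voucher module owns a base identity and
// the three original kinds; the leaf is an identityref to that base.
module example-voucher-identityref {
  yang-version 1.1;
  namespace "urn:example:voucher-identityref";  // hypothetical
  prefix vchi;

  identity assertion-type {
    description "Base identity for the kinds of voucher assertion.";
  }
  identity verified  { base assertion-type; }
  identity logged    { base assertion-type; }
  identity proximity { base assertion-type; }

  container voucher {
    leaf assertion {
      type identityref { base assertion-type; }
      mandatory true;
    }
  }
}

// A separate, hypothetical module adds a new assertion kind without
// touching the voucher module at all: it only derives from the base.
module example-agent-proximity {
  yang-version 1.1;
  namespace "urn:example:agent-proximity";  // hypothetical
  prefix agpx;

  import example-voucher-identityref { prefix vchi; }

  identity agent-proximity {
    base vchi:assertion-type;
    description
      "Constructed example of an externally defined assertion kind.";
  }
}
```

Each `module` above would normally live in its own `.yang` file; they are shown together only for comparison. One caveat for implementers of the identityref form: the encoded value is namespace-qualified (in JSON per RFC 7951 it is `"assertion": "example-agent-proximity:agent-proximity"`, in XML it is prefix-qualified), so a registrar or pledge validating a voucher must have the extending module loaded to resolve the identity, whereas an enum value is resolved entirely within the voucher module itself.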