Re: [Anima] Content-Transfer-Encoding and HTTP 1.x in ANIMA BRSKI

Brian E Carpenter <brian.e.carpenter@gmail.com> Thu, 13 June 2019 20:33 UTC

To: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>, Michael Richardson <mcr+ietf@sandelman.ca>, Eliot Lear <lear@cisco.com>
Cc: Julian Reschke <julian.reschke@gmx.de>, "draft-ietf-pkix-est@ietf.org" <draft-ietf-pkix-est@ietf.org>, Carsten Bormann <cabo@tzi.org>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>, Anima WG <anima@ietf.org>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Date: Fri, 14 Jun 2019 08:33:29 +1200
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/chPsNwpWDYq0FpMcBupPE5nz5eM>

On 14-Jun-19 05:18, Panos Kampanakis (pkampana) wrote:
> The libest server or proxy will generate the CTE header as specified in RFC7030. The libest client will parse it, but it will not reject the response if the header is not there. It expects base64 encoded PKCS#7, not binary though. Note that in https://datatracker.ietf.org/doc/draft-ietf-ace-coap-est/ we assume all cert payloads are binary.
>  
> Now, I don’t know how other EST clients would act. There are many out there by now that we can’t safely tell if they would act up.
>  
> The commercial and enterprise CAs I tested with interoped fine with the libest client and they were not all sending the CTE field. The payload was base64 though.
>  
> To address the erratum, I would lean towards a recommendation against using the CTE header based on the referenced standards and state that base64 encoding is implied.

https://tools.ietf.org/html/rfc7231#appendix-A from June 2014 makes it all very plain. However, there is a small problem of running code.

There's already an erratum: https://www.rfc-editor.org/errata/eid5107

For whatever reason, it is sitting in state "reported" since 2017.

    Brian
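
The client behaviour discussed in this thread (base64 implied, Content-Transfer-Encoding optional, raw binary rejected), sketched as an added example that is not part of the original message and is not libest code. The function names, the sample headers and the constructed empty SignedData body are assumptions made for illustration.

```python
import base64
import binascii
from email.parser import Parser

SIGNED_DATA_OID = bytes.fromhex("06092a864886f70d010702")  # id-signedData, DER-encoded
DATA_OID = bytes.fromhex("06092a864886f70d010701")         # id-data, DER-encoded

def read_length(buf, pos):
    """Decode a DER length at buf[pos]; return (length, offset of content)."""
    first = buf[pos]
    if first < 0x80:
        return first, pos + 1
    n = first & 0x7F
    if n == 0 or pos + 1 + n > len(buf):
        raise ValueError("bad DER length")
    return int.from_bytes(buf[pos + 1:pos + 1 + n], "big"), pos + 1 + n

def decode_est_body(raw_headers, body):
    """Return (der, cte) for an EST response; base64 is implied, the header is optional."""
    cte = Parser().parsestr(raw_headers, headersonly=True).get("Content-Transfer-Encoding")
    try:
        der = base64.b64decode(b"".join(body.split()), validate=True)
    except binascii.Error as exc:
        raise ValueError("body is not base64 (raw binary payload?)") from exc
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("decoded body is not a DER SEQUENCE")
    length, offset = read_length(der, 1)
    if offset + length != len(der):
        raise ValueError("DER length does not match body size")
    if not der[offset:].startswith(SIGNED_DATA_OID):
        raise ValueError("not a PKCS#7 SignedData ContentInfo")
    return der, cte

def tlv(tag, content):
    """Constructed-sample helper: DER TLV with a short-form length (< 128 bytes)."""
    return bytes([tag, len(content)]) + content

# Constructed sample: an empty (no certificates) SignedData wrapped in ContentInfo.
SAMPLE_DER = tlv(0x30, SIGNED_DATA_OID + tlv(0xA0, tlv(0x30,
    b"\x02\x01\x01" + tlv(0x31, b"") + tlv(0x30, DATA_OID) + tlv(0x31, b""))))
SAMPLE_BODY = base64.encodebytes(SAMPLE_DER)
WITH_CTE = "Content-Type: application/pkcs7-mime\nContent-Transfer-Encoding: base64\n\n"
WITHOUT_CTE = "Content-Type: application/pkcs7-mime\n\n"

if __name__ == "__main__":
    for name, hdrs in (("with CTE", WITH_CTE), ("without CTE", WITHOUT_CTE)):
        der, cte = decode_est_body(hdrs, SAMPLE_BODY)
        print(name, "->", len(der), "DER bytes, CTE header:", cte)
```

The header value is returned only so a caller can log it; the decoding path is identical whether or not the server sent it.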