Re: [Anima] [media-types] Fwd: Thoughts on suffixes, single and multiple
Michael Jones <michael_b_jones@hotmail.com> Thu, 04 April 2024 22:31 UTC
Return-Path: <michael_b_jones@hotmail.com>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 554CDC14F704; Thu, 4 Apr 2024 15:31:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.223
X-Spam-Level:
X-Spam-Status: No, score=-1.223 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FORGED_HOTMAIL_RCVD2=0.874, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hotmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7byn8HS-1-lQ; Thu, 4 Apr 2024 15:31:34 -0700 (PDT)
Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11olkn2042.outbound.protection.outlook.com [40.92.18.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 828FEC14F6FA; Thu, 4 Apr 2024 15:31:34 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=obgu7i63JhlbLa990jrp2Vsu/oi3AJXHxqQgkd84fQbZPlJWSwzcmCAw7iLpLdU9JvKUhNaR3GO+OwoOsMmaGAjzu7mgAYADBV27GlXSG2YzttscKFS0fZ//ErbcC2A6aDOPrNXOpOgPNP239oZLoWQDMeTCh+duc3vbWZFOWJmiD06gN0B6I3N8ZhQ/QyQgOpCKif9lIojaiB7M0gaB3PMj7+uGN5qvA8La6H3VM9j2ckGozaL40tFiVztI/QBrdm/nFBdFYJeLK7OOLVJNAm1tRq99OhcJvvWRsHuLcR55Ck8sJnTSNnPtfcJ0IXpdmuVS70CQQxoVuyxMqCCLPA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=PCghjq44Z/yN+/KtP86A+3Qr9hlsf7SA76F/X6Ybl5s=; b=kfRo9SbD6lsfnsJD9pYygT+gT3oDcaIxpLIy/PSzT3o/3fInq+9CgtYLvdGh1czupzjQ8bEn3OnsSduxIFLOc8/MLr7Bjpg2yYayjqS2mfKo8XzxA2f+Tox2Ko6b1dzlY6f33mo/SXmn4sxoQqMvRn7NO3CgwyDfxTsoj/mD4auUbvQWyKnzpb5rKkfCrkkZcTOSISDbKX3TBEgva/BDGg3ieAp3CejThKQtKG78QZSxCRasFi338XikUhTGLZugMgH7xfK3HSogDglzFKbgt8N1uWTJRq8XNncUW2AoCc5KcJk1jSWH12WAriRVKHZHQnb/YTk2y5jdoicb+PTklQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=PCghjq44Z/yN+/KtP86A+3Qr9hlsf7SA76F/X6Ybl5s=; b=Vej+HrE7D5Y+8WTSvVM2uKz3CrjfFuZ5ZeQU12gu2xa4qcgrzNl32uTjCYaSt399OlaCN1PB/eId+tIhiGVJITnhdI2ubsB1Pj6hNQUIougMJ9zmY4Bn3VTFGuxCfCqE6e3BMzvABSI/Bmt4eKJTXiiCi8ckdeMds/kAqG3eC6G3g+oiDJfjAqW3Rz9gA6yYjKCmooysVLdMgvUKn5h+7Xvx2XQvpoFiFf2GA7dmqINlMcY7LTlJAaODMOJbZLlEdND+fHdx837QT/A0g0cgAZQ5Qxl5+15yFk/NJ2WBd/yYM75wrrYb1Cq7jZFpzij4re5rdClUPTGgfGl29xwWoQ==
Received: from SJ0PR02MB7439.namprd02.prod.outlook.com (2603:10b6:a03:295::14) by MN2PR02MB6941.namprd02.prod.outlook.com (2603:10b6:208:20a::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.46; Thu, 4 Apr 2024 22:31:32 +0000
Received: from SJ0PR02MB7439.namprd02.prod.outlook.com ([fe80::7c2c:4b2:7be3:4f66]) by SJ0PR02MB7439.namprd02.prod.outlook.com ([fe80::7c2c:4b2:7be3:4f66%4]) with mapi id 15.20.7409.042; Thu, 4 Apr 2024 22:31:32 +0000
From: Michael Jones <michael_b_jones@hotmail.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>, "media-types@ietf.org" <media-types@ietf.org>
CC: "anima@ietf.org" <anima@ietf.org>
Thread-Topic: [media-types] Fwd: Thoughts on suffixes, single and multiple
Thread-Index: AQHahs3BWfrxCeZscUqRyRQpUuDfb7FYroqw
Date: Thu, 04 Apr 2024 22:31:32 +0000
Message-ID: <SJ0PR02MB74395275F1DCDEAA8B61F40FB73C2@SJ0PR02MB7439.namprd02.prod.outlook.com>
References: <2E20FEDE-C766-43EE-A6E2-1FB63E79CF0B@mnot.net> <CAN8C-_JWg8MOOwxo-yxASO5K8nkS9ADOvOJoAGEV2Mxxae6YAQ@mail.gmail.com> <1810.1712262101@obiwan.sandelman.ca>
In-Reply-To: <1810.1712262101@obiwan.sandelman.ca>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-tmn: [vc9G6lj4Zd5WwG1rkmfnRHmUDgJ3TunnYUj07cDHVWk1rL1pQDBItQ7WH7xf5jpL]
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: SJ0PR02MB7439:EE_|MN2PR02MB6941:EE_
x-ms-office365-filtering-correlation-id: 53d4d3a2-fcff-4304-7ab1-08dc54f6fae3
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: aVLHrWm5SVK7PG6O7zX6MtikNq19VEyyuJ5+gicUuy/QejDtdJudMdUeERqNES4GlXIG060bgyXrJ2ObpXsypE445cAerzhe22jmkhvwTeOm3wh15+KDtIV1F1EFlXZYk0vDR10j+9kMPBDrBL2RgJ7voKKCTOLE3OUi8AK8XbxhFZqosc8zsyOnYBF3Tk2zcPs+gZAwa/4lnfZqrm85T58oflGKMNS/SPuFL6/l8iR5rIX14uiduVU+xLceGcAfcIeikmDWhETqCOuV1Dlgen7FqrjxJ2bOAgiKG9sU2xrHYi8GnmuZOnrbqla0qWq5woTm1CAyhvgHEwxSHXZWGX7H4Wg8/Jg2C2Ria7x0fnl9NVhQPhPMfTdLNCXW2Yni7z4RP/28ER3r5gEKIqayCPapDSClCTpqma7ICpXHSEcV7oTv2cbKtQuhAHsqNWPrqwcPOXdyZ3nCdDTepCjbqrIgdWTIXvoTLEExHe4d0gCoE1j3CpLGzPc9sEyHbe5+abLQdSlOjx79HNy5TzAgM+IujKJZM/n40MAJ1Cx2UtW8P4Q6h8QxFGjgtrlQuoJuTQ0DMCMCM6ZBTiro5+njoPksZ1w5x2VWxo5b03BrK6u/y1VJB4iTaK71inf2l2z5xKTixRaKMv5QHE5zIljUKku9Ed4zpsU9Ji5IG5ML2bc=
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: g526ILsSW/8sYhdgbwWyZ5y/1Ekt0S3MvOVWYfskc7BMmU8LH5tjHMzSit7EXZa1noz430tLjuGAbfQCMIuPj8lVhzV+puuImSuY97Ia4m7qy1fRjU3tUjN6B3s6I3+osOwqMECaBpFJ3BUgQMiE8SZTsBobdSIoFjylXOaLC+3SFuC0fZ4W8qESpfOCOnOomO8md2/0dPB1fEIcq5ndZVVNLTnoBDb8oioBEmDGMXYBisOjl7RRlwHdfVjblk1/ZVH2k0CLPanigSjPVfWk67Ii7ffTCVULDS/xm8XunWfhEBlqR15mWUnvKNheti9R652N+hLUimBisc/oyCyP4wpEmXNNLd20DNfyYsht380QU5KTP1TT01jrXBhQ/hP1B9D6VlMdQjyqRwhnQ1mvujfhuwYmGrYpcGrw3v76dIhrpycXkaXP+9sB1LMM7AGE0JMrSjSpJi+podpNIj4/eytJuaThocULhqjc+R4+p6wSWKQVoMXuTPdw5Abl5kWdsRagg+uxkf/lycbTRtqZqY3Wt56SCMZOBMJ5991aOshxlSKL9wcbxz8lCPLkYtvS5h+tDxvG1E+fuJFe80t5EYV0djKVVYF48DuFOdSR/MWvIjn1ysfQBk02cDevasR4MIVXUYv93swkSihYGPJsaOL5rX+MxPw2aGYA14CEEqX8k2Z8D1cmRWwVlbCc95JtoDSWENdK55illg5yzTVSukUXFdJjL/BEu+P1JO8Wrodgh6x9kfqjSf1ynxjmENHmjFOiC8tEcUKv2p7bwwWyVYwq82D+4HQCJsuCkpvr3cWIXRX3W/JKg5r7LzOhyNM6jNgQbQkOV6sglDaz3nYh+LhG1ChMx2ATEAPaTzlzf9xYXXgCOmMlGAh5WTRdIoflI7GtYATrpibTH+1AZmkcA/mwcF40zrUBzyidWhzOu5PuyrLRD0fYECy9P/rzIbwhIg92GQKMddZQR1yCE6DFUr7ZyyhjSje9Oe6JyGxPxkSSVNQTRxt/PN4uNH33qtWmGdHfOsmv/1UNmkjDD8Cv7M+IeUZ8ss91p9LDblUnG6Wupxze0YaS35dIhoMhbMTRq38GeE9axtmF70/qn3s7xDaSYxmxPDYzToQZlztwQmbTeACiNcXIh/AqjVgwYwO01hL5M0ZKcNwAuRn8P8qGug7XdnRsnPJyVypek8giJe7xC31vkHNDyVOzZDoMJM/Yd3JgTS6m3ST6nuhb2bXra2kG4sP1AEDwANTjTRqZ6KKCK7Mur/PQGDMqc19bGdhHHAoevYzFKRZfuU5uMUqaNZHkzHLjR8v2Cx0YwUmgZPTgfIo1U1PCzNUQtxKPxuUM
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: sct-15-20-4755-11-msonline-outlook-99c3d.templateTenant
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SJ0PR02MB7439.namprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-CrossTenant-Network-Message-Id: 53d4d3a2-fcff-4304-7ab1-08dc54f6fae3
X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Apr 2024 22:31:32.7436 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR02MB6941
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/mJ0b5G41jw1vMzF3kHpwK4Oy1AY>
Subject: Re: [Anima] [media-types] Fwd: Thoughts on suffixes, single and multiple
X-BeenThere: anima@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima>, <mailto:anima-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima/>
List-Post: <mailto:anima@ietf.org>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima>, <mailto:anima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Apr 2024 22:31:38 -0000
Michael R., you wrote: > 1) application/voucher-cms+json aka voucher+json+cms? I don't think these make sense since CMS is X.509 - not JSON. You could reasonably use application/voucher-cms or application/voucher+cms. > 2) application/voucher+cose or? voucher+cbor+cose? application/voucher+cose would make sense. I don't think the +cbor adds anything useful here. > 3) application/voucher-jwt+json aka voucher+json+jwt? Neither of the above make sense. JWTs are sequences of base64url-encoded characters separated by periods. They are not JSON. application/voucher+jwt would make sense. -- Mike P.S. Note that my response is about the specific possible media type names and doesn't really touch on the general questions being discussed in the thread. -----Original Message----- From: media-types <media-types-bounces@ietf.org> On Behalf Of Michael Richardson Sent: Thursday, April 4, 2024 1:22 PM To: media-types@ietf.org Cc: anima@ietf.org Subject: Re: [media-types] Fwd: Thoughts on suffixes, single and multiple original, entire thread, for ANIMA people: https://mailarchive.ietf.org/arch/msg/media-types/iWc8TLcWOyO0jyqeiuF9VCZClIs/ mnot> After the meeting in Brisbane, some of us went aside to continue to mnot> the multiple suffixes discussion. There, we quickly came to the mnot> conclusion that we should deprecate the concept of suffixes in mnot> media subtypes -- i.e., they would still be syntactically allowed, mnot> but would have no meaning or registry. Martin Thomson and I took an mnot> action to write something down about this. uhm. okay. We in ANIMA have been struggling because we have an artifact, a voucher (YANG defined in RFC8366, being revised/extended in 8366bis), which can be in two major formats: JSON and CBOR (in theory, XML too), but can be signed by three formats (CMS, JWS, COSE). That gives us three major variations today: 1) application/voucher-cms+json aka voucher+json+cms? 2) application/voucher+cose or? voucher+cbor+cose? 3) application/voucher-jwt+json aka voucher+json+jwt? (because CMS signing CBOR seems dumb, as does mixing {JSON,CBOR} X {JWS,COSE}) We didn't know if we should resort to multiple suffixes or not, and the lack of apparent progress on this has been a pain. So, thank you for the decision as it takes the options off the table, I guess, even if I'm bit surprised by it. mnot> The widespread use of +xml and +json in particular made me more mnot> cautious about deprecating suffixes altogether -- especially since mnot> we still sort-of believe that they are indeed used by (or at least mnot> potentially useful to) things like editors to hint syntactic mnot> conventions. Also, +gzip makes it pretty clear you can maybe do something with it, if you just know how to decompress. mnot> 1) Disallow more than one "+" sign in media subtypes, as floated at mnot> the meeting. This would put a fair amount of pressure on the mnot> registry's ability to reflect reality, depending on how widely mnot> deployed some things get (although we could grandfather some types mnot> in to ease the pressure here). I suggest keeping +gzip and +xml. mnot> 2) Syntactically allow suffixes before the last one, but not assign mnot> them any meaning or register them; e.g., application/foo+bar+xml mnot> would be an XML format, but who knows what bar is; effectively, mnot> it's just part of "foo+bar". This would allow people to define mnot> suffix-like things, but wouldn't give them any recognition or mnot> coordination -- potentially leading to the need to formalise things mnot> more down the road, just as we did in the first round of suffixes. It doesn't seem any different than foo-bar+xml to me. mnot> 3) Consider multiple suffixes, when they occur, to be unrelated mnot> hints as to the syntax of the format -- i.e., there is no mnot> processing model, there is no ordering (although a registrant would mnot> have to choose an order; registrations with different orderings mnot> should be refused). Effectively, suffixes would just be a 'bag of mnot> hints' about the format being used. Not that useful, but I could live with it. mnot> ### Defining What Suffixes Are For (no matter how many there are) mnot> After the discussion in Brisbane, I strongly believe that suffixes mnot> should ONLY be for hinting about the syntax or format convention in mnot> use, as an aid eg to editors, syntax highlighters, etc. This is the mnot> proven use case for media type suffixes. Suffixes should not be mnot> used to hint semantics; only syntax. We should have strong language mnot> about the dangers of using suffixes to hint particular kinds of mnot> processing; cf the previous discussion on the 'polyglot problem' mnot> and the potential security issues around performing processing mnot> based upon suffixes. Well, it also helps forensics and dissectors; but I accept that in essence, those are just specialized kinds of "editors" mnot> The suffix registration process should be designed to assure that mnot> only such suffixes are registered. mnot> Note that in this view, "+ld" is very likely unregistrable. ! mnot> ### Cleaning Up Existing Suffixes mnot> +gzip and +zstd are problematic; the former should be disallowed mnot> for new registrations, and the latter should be removed or mnot> obsoleted in the registry. Likewise, I am highly suspicious of +jwt mnot> and +cose. +zip _is_ a format convention, so I suppose it's OK? So, +jwt and +cose says, "this is a signed object, and if you look in the payload slot, you might find something you might know how to decode" (or not) But, for many formats they only appear in a signed form in the wild, so maybe this just doesn't matter. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | IoT architect [ ] mcr@sandelman.ca http://www.sandelman.ca/ | ruby on rails [ -- Michael Richardson <mcr+IETF@sandelman.ca> . o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide
- Re: [Anima] [media-types] Fwd: Thoughts on suffix… Michael Jones
- Re: [Anima] Fwd: [media-types] Thoughts on suffix… Michael Richardson
- Re: [Anima] [media-types] Thoughts on suffixes, s… Mark Nottingham
- Re: [Anima] [media-types] Fwd: Thoughts on suffix… Michael Richardson
- Re: [Anima] [media-types] Thoughts on suffixes, s… Michael Richardson
- Re: [Anima] [media-types] Thoughts on suffixes, s… Esko Dijk
- Re: [Anima] [media-types] Fwd: Thoughts on suffix… S Moonesamy