Re: [Anima] rfc822Name use in Autonomic Control Plane document

Brian E Carpenter <brian.e.carpenter@gmail.com> Wed, 24 June 2020 03:38 UTC

To: Toerless Eckert <tte@cs.fau.de>, Benjamin Kaduk <kaduk@mit.edu>
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, sean+ietf@sn3rd.com, Russ Housley <housley@vigilsec.com>, anima@ietf.org, rfcSELF+fd89b714F3db00000200000064000000+area51.research@acp.example.com
References: <11428.1592266833@localhost> <a0face89-da68-f75d-4a57-4deb9d0f244d@gmail.com> <20200617024412.GA11992@kduck.mit.edu> <20200624030817.GA47499@faui48f.informatik.uni-erlangen.de>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Message-ID: <4af6d6e0-6d1c-c06d-a5a2-85a870b76085@gmail.com>
Date: Wed, 24 Jun 2020 15:37:58 +1200
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/o_y0FXpFXpq2xo1NBQEPCN89zHE>
Subject: Re: [Anima] rfc822Name use in Autonomic Control Plane document

On 24-Jun-20 15:08, Toerless Eckert wrote:
> On Tue, Jun 16, 2020 at 07:44:12PM -0700, Benjamin Kaduk wrote:
>>>> We already had this debate.

....
> 
> "violates the rules set down by the specification for the technology"
> 
> ??
> 
> I have not seen any supporting evidence for that. The rfc822name is
> a perfect rfc822name formatted string.

Well, more than that. It's a perfectly valid email address, accepted by conformant SMTP servers.

Yes, it does lead to a delivery failure, but it doesn't just *look like* an email address, it *is* an email address. Why is it misuse of rfc822name to express a valid email address that has no mailbox behind it? Is this in any way a security vulnerability? What does it break?

I still don't see how this qualifies as a DISCUSS issue. I do see that it is unaesthetic. I do see how it meets several of the DISCUSS non-criteria at https://www.ietf.org/about/groups/iesg/statements/iesg-discuss-criteria/#stand-undisc

   Brian
--- Begin Message ---
** Address not found **

Your message wasn't delivered to rfcSELF+fd89b714F3db00000200000064000000+area51.research@acp.example.com because the domain acp.example.com couldn't be found. Check for typos or unnecessary spaces and try again.



The response was:

DNS Error: 111832 DNS type 'mx' lookup of acp.example.com responded with code NXDOMAIN
Domain name not found: acp.example.com
--- Begin Message ---

Regards
   Brian Carpenter

On 24-Jun-20 03:46, Stephen Kent wrote:
> Owen,
>>
>> Being completely pedantic about the RFC5280 text, nowhere in the text does it say that rfc822name cannot be used for anything but email address. It does state multiple times that an email address must be represented as an rfc822name, but places no explicit restrictions on what an rfc822name may represent. The text as is does not explicitly preclude use of rfc822name for ACP. This may be the widespread understanding of what RFC5280 means, but it's not strictly what it says…
>>
> Common sense argues against putting something other than an e-mail address in the rfc822name attribute.
> 
> I expect ADs to use common sense, as well as careful reading of prior RFCs, when making decisions.

Indeed, but that cuts both ways, since running code is our goal. No parser is in a position to say that rfcSELF+fd89b714F3db00000200000064000000+area51.research@acp.example.com isn't an email address.

   Brian

> 
> Steve

--- End Message ---
--- End Message ---
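
The following is an added example, not part of the thread or of any participant's code. It shows a syntax-only RFC 5321 mailbox check accepting the address quoted above, and how a relying party could still tell such a name apart from an ordinary mailbox. The `rfcSELF+<32 hex digits>+<rsub>@<domain>` layout is an assumption inferred from that address, and the function names are hypothetical; quoted-string local parts are not handled.

```python
import ipaddress
import re

# RFC 5322 atext runs, joined by dots: the RFC 5321 "Dot-string" local part.
ATEXT = r"[A-Za-z0-9!#$%&'*+/=?^_`{|}~-]+"
DOT_STRING = re.compile(rf"{ATEXT}(?:\.{ATEXT})*")
# RFC 5321 sub-domain label: letters and digits, hyphens only in the middle.
LABEL = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?")
# Assumed layout, inferred from the address quoted in the thread.
ACP_LOCAL = re.compile(r"rfcSELF\+([0-9A-Fa-f]{32})(?:\+([A-Za-z0-9.-]+))?")

# The address exactly as it appears in the thread.
SAMPLE = ("rfcSELF+fd89b714F3db00000200000064000000"
          "+area51.research@acp.example.com")


def is_valid_mailbox(addr):
    """Syntax-only check: no DNS lookup, no delivery attempt."""
    local, sep, domain = addr.rpartition("@")
    if not sep or not local or len(local) > 64 or len(domain) > 255:
        return False
    if not DOT_STRING.fullmatch(local):
        return False
    return all(len(l) <= 63 and LABEL.fullmatch(l) for l in domain.split("."))


def parse_acp_name(addr):
    """Return the ACP fields if addr follows the assumed layout, else None."""
    if not is_valid_mailbox(addr):
        return None
    local, _, domain = addr.rpartition("@")
    m = ACP_LOCAL.fullmatch(local)
    if m is None:
        return None
    acp_addr = ipaddress.IPv6Address(bytes.fromhex(m.group(1)))
    return {"acp_address": acp_addr, "rsub": m.group(2), "acp_domain": domain}


def classify_rfc822name(addr):
    """Label a SAN rfc822Name as 'invalid', 'acp' or 'mailbox'."""
    if not is_valid_mailbox(addr):
        return "invalid"
    return "acp" if parse_acp_name(addr) else "mailbox"


if __name__ == "__main__":
    # alice@example.com and "a..b@example.com" are constructed samples.
    for name in (SAMPLE, "alice@example.com", "a..b@example.com"):
        print(classify_rfc822name(name), name)
```

The syntax check passes for the thread's address even though its domain returns NXDOMAIN, because existence of a mailbox is not part of address syntax.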