Re: [apps-discuss] Slash and version number in Authentication-results: header field (was: I-D Action: draft-ietf-appsawg-rfc5451bis-02.txt)

Scott Kitterman <scott@kitterman.com> Mon, 20 May 2013 08:45 UTC

On Monday, May 20, 2013 12:14:06 AM S Moonesamy wrote:
> Hi Alexey,
> 
> Scott Kitterman mentioned [1] that the following:
> 
>    authres-header = "Authentication-Results:" [CFWS] authserv-id
> 	[ [CFWS] "/" [CFWS] authres-version ]
> 
>   'is an incompatible change and if you really want to make it, you should
>    bump the version number.  I checked and with authres, your example is
>    mis-parsed.
> 
> 	Authentication-Results: example.org/1; none
> 
>    In this example, the authserv-id is "example.org", but authres, using
>    the RFC 5451 ABNF parses this and determines the authserv-id is
>    "example.org/1"'
> 
> Murray Kucherawy commented that he has "yet to see a single
> implementation that includes a version number in its output, though
> there are some that do look for it" [2].  John Levine responded that
> his implementation does [3].  He also mentioned that the introduction
> of the slash (see ABNF) creates an incompatibility.
> 
> There is also the following in Section 5 of
> draft-ietf-appsawg-rfc5451bis-02:
> 
>    "An MTA SHOULD remove any instance of this header field bearing a
>     version (express or implied) that it does not support."
> 
> Will the addition of the slash cause an interoperability issue?
> 
> Regards,
> S. Moonesamy
> 
> 1. http://www.ietf.org/mail-archive/web/apps-discuss/current/msg09460.html
> 2. http://www.ietf.org/mail-archive/web/apps-discuss/current/msg09463.html
> 3. http://www.ietf.org/mail-archive/web/apps-discuss/current/msg09465.html

If an implementation based on 5451 receives a future 5451bis header field with 
an authserv-id of example.com and a version number of 2, it would read that as 
an authserv-id of example.com/2 and an implicit version number of 1.

Both getting the version number wrong and the authserv-id wrong could have 
interoperability implications.

Scott K
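
The mis-parse discussed in this thread, as an added example (not code from authres or from any poster): two simplified parsers, one following the RFC 5451 rule and one following the draft -02 rule quoted above, run over the same field values. The regexes, function names and sample values are constructed for illustration, and CFWS is reduced to spaces and tabs (no comments).

```python
import re

# atext from RFC 5322. "/" is a legal atext character, so an RFC 5451
# authserv-id (a dot-atom) may itself contain a slash.
ATEXT = r"[A-Za-z0-9!#$%&'*+/=?^_`{|}~-]"
WSP = r"[ \t]"  # simplification: CFWS reduced to spaces/tabs, no comments

# RFC 5451: authserv-id [ CFWS version ] ";" ...
RFC5451 = re.compile(
    rf"^{WSP}*(?P<id>{ATEXT}+(?:\.{ATEXT}+)*)(?:{WSP}+(?P<ver>\d+))?{WSP}*;")

# Draft -02 rule quoted in the thread:
# authserv-id [ [CFWS] "/" [CFWS] authres-version ] ";" ...
# Lazy quantifiers let a trailing "/digits" bind to the version.
BIS02 = re.compile(
    rf"^{WSP}*(?P<id>{ATEXT}+?(?:\.{ATEXT}+?)*?)"
    rf"(?:{WSP}*/{WSP}*(?P<ver>\d+))?{WSP}*;")


def parse(pattern, field_value):
    """Return (authserv_id, version) or None if the value does not match.

    A missing version is reported as 1, the implicit version.
    """
    m = pattern.match(field_value)
    if m is None:
        return None
    return m.group("id"), int(m.group("ver") or 1)


def is_from(pattern, field_value, trusted_id):
    """True if the parsed authserv-id equals the ID the receiver trusts."""
    parsed = parse(pattern, field_value)
    return parsed is not None and parsed[0].lower() == trusted_id.lower()


if __name__ == "__main__":
    # Constructed sample values (the text after "Authentication-Results:").
    for value in (" example.org/1; none", " example.com/2; none",
                  " example.org; none"):
        print(repr(value), parse(RFC5451, value), parse(BIS02, value))
```

A receiver that matches on authserv-id to decide which Authentication-Results fields are its own would, with the RFC 5451 parser, not recognise `example.com/2` as coming from `example.com`.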