[apps-discuss] The authentication server id, was rfc5451bis
Alessandro Vesely <vesely@tana.it> Mon, 25 March 2013 12:19 UTC
Return-Path: <vesely@tana.it>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E39AD21F8BA4 for <apps-discuss@ietfa.amsl.com>; Mon, 25 Mar 2013 05:19:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.719
X-Spam-Level:
X-Spam-Status: No, score=-4.719 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A+7i1XzsydZl for <apps-discuss@ietfa.amsl.com>; Mon, 25 Mar 2013 05:19:33 -0700 (PDT)
Received: from wmail.tana.it (wmail.tana.it [62.94.243.226]) by ietfa.amsl.com (Postfix) with ESMTP id E551E21F8BD4 for <apps-discuss@ietf.org>; Mon, 25 Mar 2013 05:19:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=beta; t=1364213971; bh=AZxcoQkUcr29n7QBLG5xBOZnvXXyljAkRJYIOtubhRw=; l=2884; h=Date:From:To:References:In-Reply-To; b=WhltP9jQLUtzWnOFW8dv1OFKzsUSzOnY2b4dVKP6yvWH4Ik4g+v6TY+PvkZX5CNrB xUG2ArNi8XrviV+3k1KTIiLEjf0SUphWXJPGWLfCkEkTJNg9tPN2ymJyPCaEDqQMOv J0gi52Dl4cmHdwYQ9NHTs0DE32odjUQAEbwwx6Nc=
Received: from [172.25.197.158] (pcale.tana [172.25.197.158]) (AUTH: CRAM-MD5 uXDGrn@SYT0/k) by wmail.tana.it with ESMTPA; Mon, 25 Mar 2013 13:19:30 +0100 id 00000000005DC039.00000000515040D2.0000552F
Message-ID: <515040D2.1080409@tana.it>
Date: Mon, 25 Mar 2013 13:19:30 +0100
From: Alessandro Vesely <vesely@tana.it>
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:17.0) Gecko/20130307 Thunderbird/17.0.4
MIME-Version: 1.0
To: apps-discuss@ietf.org
References: <CAL0qLwbgjnt8Msofok3ExKBmChtQPfMEFgrrZBimEzU5CYgSjA@mail.gmail.com> <CAKHUCzxfBtLTt3p3moGgEQx+p5kr=-e2Mn58xaqNvWFGiW=Lpw@mail.gmail.com> <514432BC.1010805@tana.it> <51443483.9030805@tana.it> <CAKHUCzwBrEPSVc4VtJMKZLm+5it3h7dLiW+YZ=_xO2OwP_rLoA@mail.gmail.com> <51458A59.8040206@tana.it> <CAL0qLwYEe9Wmvr-+eZL_yqChRf+a+11zRXCmW2Md9PGvH9PK-g@mail.gmail.com> <514DFAC8.7040406@tana.it> <CAL0qLwbqNUbPOYbXQEzM6X4=RLiqCQG2TbsO9A8PaE+a3Z3oNQ@mail.gmail.com> <514EEBB7.40205@tana.it> <CAL0qLwZZ3iB1BwtfK6TxooEzbTwSxm-KZYgcMMdPUp3OyMpMag@mail.gmail.com>
In-Reply-To: <CAL0qLwZZ3iB1BwtfK6TxooEzbTwSxm-KZYgcMMdPUp3OyMpMag@mail.gmail.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Subject: [apps-discuss] The authentication server id, was rfc5451bis
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Mar 2013 12:19:34 -0000
On Sun 24/Mar/2013 22:06:41 +0100 Murray S. Kucherawy wrote: > I'm not in favour of changing to a grammar that matches current use to > the exclusion of other uses without a good reason to do so. Since in > the prose we talk about authserv-id being a domain name in the typical > case but basically also say it could be anything the operator wants to > use, I think "value" is the right thing there. Besides the parsability point (quotes), the intended use of this piece of data is rather overloaded. Let me recap some requirements: 1. Identification of the ADMD for assessing trust relationships (and possibly also for POP3 MUAs to send back complaints, per Section 5.3 of RFC 6650), 2. uniqueness of the identifier, 3. similar in syntax to a fully-qualified domain name, 4. transport tracing data such as the SMTP queue ID or a timestamp (semantic hints would also go here, e.g. "all signatures checked but failures not reported" vs "checking stops on first success"), 5. version identification, 6. examples of valid authentication identifiers are "example.com", "mail.example.org", "ms1.newyork.example.com", and "example-auth". Bullets #3 and #6 are compatible with "domain-name". By using domain names in the traditional ways, even though they are not required to be in the DNS, operators can easily implement #1 and #2. Conversely, we'd need production rules to parse a "domain-name" inside the rest of the "value" if the grammar were relaxed that way. Alternatively, we can meet #4 and #5 by relaxing or extending the "version". For example: authres-header = "Authentication-Results:" [CFWS] authserv-id [ [CFWS] separator [CFWS] ex-version ] ( [CFWS] ";" [CFWS] "none" / 1*resinfo ) [CFWS] CRLF authserv-id = domain-name artext = ALPHA / DIGIT / ; RFC 5322 atext without "=" "-" / "_" / separator separator = "!" / "#" / ; dot-atom characters that cannot "$" / "%" / ; be part of a domain-name "&" / "'" / "*" / "+" / / "/" / "?" / "^" / "`" / "{" / "|" / "}" / "~" ar-dot-text = 1*artext *("." 1*artext) ex-version = [CFWS] ar-dot-text [CFWS] That way, we can be compatible with the current dot-atom, still allow free use, and define the id. It is grammatically involved, as bug fixes often are. Semantically, allowing "anything the operator wants to use" conflicts with the requirement that a parser explicitly knows it, in the new Section 2.4. IMHO, unrecognized ex-versions could just be ignored, as the format is determined by the field name. > We also shouldn't be making changes that aren't either improvements > to the prose or bug fixes to the normative parts. > > Keyword is probably fine for the other three you mentioned. I'll make > that change. This is obviously a bug fix since, as you pointed out, > "dot-atom" permits ambiguous productions. Thanks
- Re: [apps-discuss] draft-kucherawy-rfc5451bis Dave Cridland
- [apps-discuss] draft-kucherawy-rfc5451bis Murray S. Kucherawy
- Re: [apps-discuss] draft-kucherawy-rfc5451bis Murray S. Kucherawy
- Re: [apps-discuss] draft-kucherawy-rfc5451bis Alessandro Vesely
- Re: [apps-discuss] draft-kucherawy-rfc5451bis Alessandro Vesely
- Re: [apps-discuss] draft-kucherawy-rfc5451bis Dave Cridland
- Re: [apps-discuss] draft-kucherawy-rfc5451bis Alessandro Vesely
- Re: [apps-discuss] draft-kucherawy-rfc5451bis Dave Cridland
- Re: [apps-discuss] draft-kucherawy-rfc5451bis Murray S. Kucherawy
- Re: [apps-discuss] draft-kucherawy-rfc5451bis Murray S. Kucherawy
- Re: [apps-discuss] draft-kucherawy-rfc5451bis Alessandro Vesely
- Re: [apps-discuss] draft-kucherawy-rfc5451bis Murray S. Kucherawy
- Re: [apps-discuss] draft-kucherawy-rfc5451bis Alessandro Vesely
- Re: [apps-discuss] draft-kucherawy-rfc5451bis Scott Kitterman
- Re: [apps-discuss] draft-kucherawy-rfc5451bis Murray S. Kucherawy
- [apps-discuss] The authentication server id, was … Alessandro Vesely
- Re: [apps-discuss] The authentication server id, … Murray S. Kucherawy
- Re: [apps-discuss] The authentication server id, … Alessandro Vesely
- Re: [apps-discuss] The authentication server id, … Murray S. Kucherawy
- Re: [apps-discuss] The authentication server id, … Alessandro Vesely
- Re: [apps-discuss] The authentication server id, … John Levine
- Re: [apps-discuss] The authentication server id, … Murray S. Kucherawy
- Re: [apps-discuss] The authentication server id, … Alessandro Vesely
- Re: [apps-discuss] The authentication server id, … Murray S. Kucherawy
- Re: [apps-discuss] The authentication server id, … Alessandro Vesely
- Re: [apps-discuss] The authentication server id, … SM
- Re: [apps-discuss] The authentication server id, … John Levine
- Re: [apps-discuss] The authentication server id, … Murray S. Kucherawy
- Re: [apps-discuss] The authentication server id, … Alessandro Vesely
- Re: [apps-discuss] The authentication server id, … Murray S. Kucherawy
- Re: [apps-discuss] The authentication server id, … Alessandro Vesely
- Re: [apps-discuss] The authentication server id, … Murray S. Kucherawy
- Re: [apps-discuss] draft-kucherawy-rfc5451bis Dave Cridland
- Re: [apps-discuss] draft-kucherawy-rfc5451bis Murray S. Kucherawy