[Cbor] Re: I-D Action: draft-ietf-cbor-cde-04.txt
Carsten Bormann <cabo@tzi.org> Wed, 24 July 2024 20:52 UTC
Return-Path: <cabo@tzi.org>
X-Original-To: cbor@ietfa.amsl.com
Delivered-To: cbor@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B8DDCC14F726 for <cbor@ietfa.amsl.com>; Wed, 24 Jul 2024 13:52:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.909
X-Spam-Level:
X-Spam-Status: No, score=-6.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vdUnjusXSuqO for <cbor@ietfa.amsl.com>; Wed, 24 Jul 2024 13:52:09 -0700 (PDT)
Received: from smtp.zfn.uni-bremen.de (smtp.zfn.uni-bremen.de [134.102.50.21]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 46566C14F71E for <cbor@ietf.org>; Wed, 24 Jul 2024 13:52:08 -0700 (PDT)
Received: from smtpclient.apple (p5089ae14.dip0.t-ipconnect.de [80.137.174.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.zfn.uni-bremen.de (Postfix) with ESMTPSA id 4WTmR95jcNzDCf7; Wed, 24 Jul 2024 22:52:05 +0200 (CEST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.600.62\))
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <f48cc88d-7dfb-4a5d-9991-e8233dc5fdb7@gmail.com>
Date: Wed, 24 Jul 2024 22:51:54 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <143462C7-306E-4F61-BDE9-B2E2A68402EB@tzi.org>
References: <172156651003.87787.9508704613033229196@dt-datatracker-659f84ff76-9wqgv> <f48cc88d-7dfb-4a5d-9991-e8233dc5fdb7@gmail.com>
To: Anders Rundgren <anders.rundgren.net@gmail.com>
X-Mailer: Apple Mail (2.3774.600.62)
Message-ID-Hash: J7UMF7GUYKBZZK6LE75AAHHZ4VAXRMJO
X-Message-ID-Hash: J7UMF7GUYKBZZK6LE75AAHHZ4VAXRMJO
X-MailFrom: cabo@tzi.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-cbor.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: CBOR <cbor@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Cbor] Re: I-D Action: draft-ietf-cbor-cde-04.txt
List-Id: "Concise Binary Object Representation (CBOR)" <cbor.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cbor/0Wx82mJdNmxl-OLrAXQ6zQVOKPg>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cbor>
List-Help: <mailto:cbor-request@ietf.org?subject=help>
List-Owner: <mailto:cbor-owner@ietf.org>
List-Post: <mailto:cbor@ietf.org>
List-Subscribe: <mailto:cbor-join@ietf.org>
List-Unsubscribe: <mailto:cbor-leave@ietf.org>
Thank you. That language should be consistent in a useful way. Now [Inconsistent language about what to do when checks fail · Issue #18 · cbor-wg/draft-ietf-cbor-cde](https://github.com/cbor-wg/draft-ietf-cbor-cde/issues/18) On 24. Jul 2024, at 20:48, Anders Rundgren <anders.rundgren.net@gmail.com> wrote: > > This is slightly confusing. In the first section you "need to check the encoding and reject" and in the second section you "MUST follow/check" but nothing is said what to do when there is a mismatch. > > Since the appendix is non-normative, my interpretation is that the handling of non-compliant CDE is up to each implementer to specify. The appendix provides a checklist. It indeed doesn’t say what should be done when a check fails. Section 4 briefly discusses the security considerations of not checking, but not of checking and then ignoring the check. This probably needs an editorial improvement, such as a definition of “checking". Grüße, Carsten
- [Cbor] I-D Action: draft-ietf-cbor-cde-04.txt internet-drafts
- [Cbor] Re: I-D Action: draft-ietf-cbor-cde-04.txt Carsten Bormann
- [Cbor] Re: I-D Action: draft-ietf-cbor-cde-04.txt Anders Rundgren
- [Cbor] Re: I-D Action: draft-ietf-cbor-cde-04.txt Carsten Bormann