Re: [Cbor] Benjamin Kaduk's No Objection on draft-ietf-cbor-tags-oid-06: (with COMMENT)

Benjamin Kaduk <kaduk@mit.edu> Thu, 08 April 2021 22:49 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: cbor@ietfa.amsl.com
Delivered-To: cbor@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 445233A2015; Thu, 8 Apr 2021 15:49:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.198
X-Spam-Level:
X-Spam-Status: No, score=-4.198 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MxIgKhcOC4ht; Thu, 8 Apr 2021 15:49:11 -0700 (PDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5A3043A2011; Thu, 8 Apr 2021 15:49:10 -0700 (PDT)
Received: from kduck.mit.edu ([24.16.140.251]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 138Mn12j018121 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 8 Apr 2021 18:49:06 -0400
Date: Thu, 8 Apr 2021 15:49:00 -0700
From: Benjamin Kaduk <kaduk@mit.edu>
To: Carsten Bormann <cabo@tzi.org>
Cc: The IESG <iesg@ietf.org>, draft-ietf-cbor-tags-oid@ietf.org, CBOR Working Group <cbor-chairs@ietf.org>, cbor@ietf.org, Christian =?iso-8859-1?Q?Ams=FCss?= <christian@amsuess.com>
Message-ID: <20210408224900.GA79563@kduck.mit.edu>
References: <161783417685.27338.2878236772630764165@ietfa.amsl.com> <F32E1CFE-D37B-438C-BABF-9139F926EDA9@tzi.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <F32E1CFE-D37B-438C-BABF-9139F926EDA9@tzi.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cbor/BAwn5o4rky7kDXzcsdfSADjDl40>
Subject: Re: [Cbor] Benjamin Kaduk's No Objection on draft-ietf-cbor-tags-oid-06: (with COMMENT)
X-BeenThere: cbor@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Concise Binary Object Representation \(CBOR\)" <cbor.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cbor>, <mailto:cbor-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cbor/>
List-Post: <mailto:cbor@ietf.org>
List-Help: <mailto:cbor-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cbor>, <mailto:cbor-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Apr 2021 22:49:15 -0000

Hi Carsten,

On Thu, Apr 08, 2021 at 10:00:24AM +0200, Carsten Bormann wrote:
> Hi Ben,
> 
> > ----------------------------------------------------------------------
> > COMMENT:
> > ----------------------------------------------------------------------
> > 
> > I made a PR at https://github.com/cbor-wg/cbor-oid/pull/9 with an
> > editorial suggestion (it ended up being just one -- well done!).
> 
> Merged, thank you.
> 
> > Is there anything useful to say about how bstrs tagged in this way will
> > be (mis?)interpreted by implementations that don't understand these tag
> > values?
> 
> I don’t think there is anything specific beyond what is true for all tagged byte strings.
> 
> > Section 2
> > 
> >   Tag TBD110: tags a byte string as the [X.690] encoding of a relative
> >   object identifier (also "relative OID").  Since the encoding of each
> >   number is the same as for [RFC6256] Self-Delimiting Numeric Values
> >   (SDNVs), this tag can also be used for tagging a byte string that
> >   contains a sequence of zero or more SDNVs.
> > 
> > I did not think that CBOR was prone to reusing tag values for types that
> > are semantically different but happen to have the same binary encoding
> > rules.  Should generic SDNVs get a dedicated tag?
> 
> Relative OIDs by their nature need context to interpret them.
> The same kind of context could say that they are really SDNV sequences outside the OID mechanism.
> Saying “this is an SDNV sequence but I won’t tell you how to use it” isn’t particularly useful.
> New tags could be allocated when specific non-OID SDNV usage patterns emerge.

Okay, thanks for talking through it.

> > Section 7.1
> > 
> > Please note which range (and encoded length?) the allocations should
> > come from.  Alternately, mentioning specific requested values here might
> > be wise (given that there are examples that assume specific values).
> 
> The request follows the pattern we have emerged of calling unassigned but suggested values TBD4711.  Examples of course may need to bind to specific values, which is where we used the suggested values.
> 
> Made the range explicit, a7b222f.
> 
> > Section 8
> > 
> > We might mention something about how when tag factoring is in use you
> > have to be careful that the only bstrs being affected do contain OIDs,
> > and inadvertently tagging a compound structure that sometimes contains
> > non-OID bstrs (in the relevant places) can have unexpected effects.
> 
> Added (9782c6e):
> 
> An attacker might trick an application into using a byte string inside
> a tag-factored data item, where the byte string is not actually
> intended to fall under one of the tags defined here.  This may cause
> the application to emit data with semantics different from what was
> intended.  Applications therefore need to be restrictive with respect
> to what data items they apply tag factoring to.
> 
> > Section 9.1
> > 
> > AFAICT RFC 6256 only needs to be normative because of the way the
> > control operators are defined, and we rely on BER for everything else.
> 
> Yes.  Are you making this comment to state why this downref is relatively innocuous, or to say that we shouldn’t have the downref?

If I was holding the pen it wouldn't have the downref ... but it doesn't
actually matter.

> > (Also, it looks like BER has more strict requirements than SDNV for the
> > minimal-length encoding, though I did not investigate this very
> > thoroughly.)
> 
> Indeed.  However, this specification is more restrictive in not allowing leading zeroes except for an only byte.  E.g., Section 2.1 says:
> 
> >> Also, the first byte of each SDNV cannot be a
> >> leading zero in SDNV's base-128 arithmetic, so it cannot take the
> >> value 0x80 (bullet (c) in Section 8.1.2.4.2 of {{X.690}}).

Exactly, yes.

> To make this clear from the outset, I changed in the terminology section (dd312ff) :
> 
> -The term "SDNV" (Self-Delimiting Numeric Value) is used as defined in {{-sdnv}}.
> +The term "SDNV" (Self-Delimiting Numeric Value) is used as defined in
> +{{-sdnv}}, with the additional restriction detailed in {{reqts}}.
> 
> Thank you!

Thank you!

-Ben