IETF Logo Mail Archive

Re: [Cbor] Unusual map labels, dCBOR and interop

Orie Steele <orie@transmute.industries> Thu, 28 March 2024 14:11 UTC

Return-Path: <orie@transmute.industries>
X-Original-To: cbor@ietfa.amsl.com
Delivered-To: cbor@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4473FC14F691 for <cbor@ietfa.amsl.com>; Thu, 28 Mar 2024 07:11:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.074
X-Spam-Level:
X-Spam-Status: No, score=-2.074 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, T_REMOTE_IMAGE=0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=transmute.industries
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 19_Ug7tkfsPH for <cbor@ietfa.amsl.com>; Thu, 28 Mar 2024 07:11:14 -0700 (PDT)
Received: from mail-pg1-x52e.google.com (mail-pg1-x52e.google.com [IPv6:2607:f8b0:4864:20::52e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D94F9C14F60D for <cbor@ietf.org>; Thu, 28 Mar 2024 07:11:09 -0700 (PDT)
Received: by mail-pg1-x52e.google.com with SMTP id 41be03b00d2f7-5bdbe2de25fso684602a12.3 for <cbor@ietf.org>; Thu, 28 Mar 2024 07:11:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=transmute.industries; s=google; t=1711635069; x=1712239869; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=a+SNRQ0fxo0Nit/VMNMdZ8lBgSGGLjlGH7KVwQWhqUc=; b=FEOV2MsOoNvGpAVbSy66B48jKYheAG/mBvAv+Mm6yqqoi2ADCJLDhFj2pGOlrAKpd6 2bX8LvbW1036mhfw4QiqK2e3JTdCrMRuABcks9jl9bHrV078wjvmiaUqNBKlcVxSN0P1 4ZgtH6P8bnngifdrNrHKSMAj8KUGThuH18kzt3K6A4zK2g29o80RGZb+Q1N5m+Hns9P9 BkllMP3PB0GDOPlM4a07opl8Qa0Nhb9salUbMJUpb60H0FBS4jDhOHbKrmPRsL3NCPx1 eBySOolns4vbz8cDCOkaB7JYtpjhOeiVG1c+Xf7/nG7l5+ZifZVPrB31Lxz8KYYl4Hfh nuFA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1711635069; x=1712239869; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=a+SNRQ0fxo0Nit/VMNMdZ8lBgSGGLjlGH7KVwQWhqUc=; b=MUsytm2XfuRcHW5sg2iOgqtvjjmZx7HCzwQC3fboXcDH281N4htEaSHm27rxAlkdZW Uin/ehqfjsVOVg63aNnEXFQwiNPoIjHrWPtGRnYuBSzjs0r9YrulwEUhNYpPwRNl23Sj k2kL34nAA7rnWgCUuLEcKjfWwFhOhSpE14anGpagWbnhD6hOBPqbAiAQKu+RGSiK6x7f YfZUoKuyhQzls+MzoemF3lNRplrQnUNkOf3Fffs+SXJga7aWxbAnX5/w62wTPkqcsG8l zdn5lljQsYbWQRsgIQs8MSAG7mOwunTHrELVZQLSV5oQ0rqTPgfLydEesXxI7Hcw83Sk dvbg==
X-Gm-Message-State: AOJu0YyznO3vIEdGPPR6jOJ5mKzGIIB0lAcXvC7imAQOkqOs120mZRLx CdQG3n23oI3CCANgeMMP+ZtrmPJXt5LagTM/ar690/JQgZ32XF2mF8moYNgsnbXpodG4FO3r4I3 GH7RNhkqorruOluez/5WoaBgL1/n63bt1GxuSFQ==
X-Google-Smtp-Source: AGHT+IFNJbn0KJm0X1QVpJftwgoCr7LTZRsKgxSnrnZ2ZG1/YmS7wPiFEsA33DOgOl93xjfHsUpF5TtLyTaAjSlewXQ=
X-Received: by 2002:a17:90a:dc08:b0:2a0:4c3b:3454 with SMTP id i8-20020a17090adc0800b002a04c3b3454mr2235969pjv.47.1711635068979; Thu, 28 Mar 2024 07:11:08 -0700 (PDT)
MIME-Version: 1.0
References: <8C245824-1990-4616-AB70-FFD4FACB1AE9@island-resort.com> <11E8A8A5-D891-49FF-AF16-697C06F463B3@tzi.org> <9A0CE364-C141-4EBE-9703-292C416D12F5@island-resort.com> <3D62C4F0-D570-4EE4-AF6A-163C708AA6BE@tzi.org> <58BA8F8C-0C63-4534-9BF7-255C32D02C16@island-resort.com> <CAN8C-_KCLv_cAt-0-C_=i6DXjZFkgkmgZ8DNq48RcxcvV+jEUQ@mail.gmail.com> <437a375c-49e8-4406-a192-acb9a5e7bf31@gmail.com> <9272C2ED-432D-4D6D-AB64-38976F9297D5@wolfmcnally.com> <794fae9f-1c87-498b-aaea-4e476b0dc420@gmail.com> <C24BFA9D-D19C-4267-B0C8-54842B124452@wolfmcnally.com> <03144212-69bd-441e-8697-fdf1fd9f9689@gmail.com> <B53F373E-4997-4654-AB56-7719EF0ADD99@wolfmcnally.com> <CADEL5zt=CHZPpksVm8Qwo3NY0VTStbpSFPgfDbDMN8RgjVrJwQ@mail.gmail.com> <1FD1F074-F07D-46A5-AB80-7782F33FCBAB@wolfmcnally.com>
In-Reply-To: <1FD1F074-F07D-46A5-AB80-7782F33FCBAB@wolfmcnally.com>
From: Orie Steele <orie@transmute.industries>
Date: Thu, 28 Mar 2024 07:10:57 -0700
Message-ID: <CAN8C-_JiRzWQZLpxs5p5fx7BM_zPH8-NGY-e9b6MJ_iN8nAP0A@mail.gmail.com>
To: Wolf McNally <wolf@wolfmcnally.com>, Carsten Bormann <cabo@tzi.org>
Cc: CBOR <cbor@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000045a7d40614b918f4"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cbor/GbA7ouhM_Ht4wE6voks7RiGo6fI>
Subject: Re: [Cbor] Unusual map labels, dCBOR and interop
X-BeenThere: cbor@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Concise Binary Object Representation \(CBOR\)" <cbor.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cbor>, <mailto:cbor-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cbor/>
List-Post: <mailto:cbor@ietf.org>
List-Help: <mailto:cbor-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cbor>, <mailto:cbor-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Mar 2024 14:11:19 -0000

Wolf and Carsten,

Thanks for educating me : )

Let me try my argument one more time, and if it doesn't land, then maybe
I'm chasing ghosts.

Let's say you have a CWT based protocol that is supposed to implement
dcbor, and that spans multiple middle boxes.

The protocol starts with a coin flip to decide which serialization to use
"cbor or dcbor".

After deciding any time "cbor" is chosen, a random "dcbor incompatible data
element" (such as undefined, or weird numbers) is inserted into the
unprotected header by every middle box that supports "cbor" and not "dcbor".

My concern was that on the wire, the boxes will see "application/cbor", but
internally they will process them as "application/dcbor+cbor", hence it is
less safe for this protocol to use "application/cbor"... but it would be
more safe for this protocol to use "application/dcbor+cbor".

I think the recommendation for such a protocol would be to define a more
specific dcbor based media type, like "application/foo+cbor", but then in
the media type registration cite dcbor instead of normal cbor.... I suspect
that people won't read this registration and will look at "+cbor" and
assume "undefined" and "weird numbers", are allowed.

That's the argument I am trying to articulate, is this a concern?

Regards,

OS





ᐧ

On Thu, Mar 28, 2024 at 1:25 AM Wolf McNally <wolf@wolfmcnally.com> wrote:

> Anders,
>
> On Mar 28, 2024, at 1:23 AM, Anders Rundgren <
> anders.rundgren.net@gmail.com> wrote:
>
> All of this is fine, but none of this is in conflict with CDE.
>
>
> That is correct: dCBOR is a *specialization* of CDE.
>
> ~ Wolf
>
> _______________________________________________
> CBOR mailing list
> CBOR@ietf.org
> https://www.ietf.org/mailman/listinfo/cbor
>


-- 


ORIE STEELE
Chief Technology Officer
www.transmute.industries

<https://transmute.industries>

v2.23.0 | Report a Bug | By Email