Re: [Cbor] [Technical Errata Reported] RFC8610 (6543)

Carsten Bormann <cabo@tzi.org> Wed, 14 April 2021 13:14 UTC

Return-Path: <cabo@tzi.org>
X-Original-To: cbor@ietfa.amsl.com
Delivered-To: cbor@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E5A053A0F02 for <cbor@ietfa.amsl.com>; Wed, 14 Apr 2021 06:14:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.919
X-Spam-Level:
X-Spam-Status: No, score=-1.919 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0DIE6qAt5_-I for <cbor@ietfa.amsl.com>; Wed, 14 Apr 2021 06:14:23 -0700 (PDT)
Received: from gabriel-vm-2.zfn.uni-bremen.de (gabriel-vm-2.zfn.uni-bremen.de [134.102.50.17]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2F14C3A0EF6 for <cbor@ietf.org>; Wed, 14 Apr 2021 06:14:23 -0700 (PDT)
Received: from [192.168.217.118] (p548dc178.dip0.t-ipconnect.de [84.141.193.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by gabriel-vm-2.zfn.uni-bremen.de (Postfix) with ESMTPSA id 4FL2xS2yGSz1058; Wed, 14 Apr 2021 15:14:20 +0200 (CEST)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\))
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <20210414001322.EE85DF40791@rfc-editor.org>
Date: Wed, 14 Apr 2021 15:14:19 +0200
Cc: Henk Birkholz <henk.birkholz@sit.fraunhofer.de>, christoph.vigano@uni-bremen.de, "Murray S. Kucherawy" <superuser@gmail.com>, Francesca Palombini <francesca.palombini@ericsson.com>, Barry Leiba <barryleiba@computer.org>, =?utf-8?Q?Christian_Ams=C3=BCss?= <christian@amsuess.com>, cbor@ietf.org, smbarte2@illinois.edu
X-Mao-Original-Outgoing-Id: 640098858.696261-1b6dda42fca8df7d5dbc06f9986f7a5c
Content-Transfer-Encoding: quoted-printable
Message-Id: <7D880912-A489-4534-A05E-6B8129DB3614@tzi.org>
References: <20210414001322.EE85DF40791@rfc-editor.org>
To: RFC Errata System <rfc-editor@rfc-editor.org>
X-Mailer: Apple Mail (2.3608.120.23.2.4)
Archived-At: <https://mailarchive.ietf.org/arch/msg/cbor/ekFn8a4GbUQAk4nyhc-Il-ZRLZc>
Subject: Re: [Cbor] [Technical Errata Reported] RFC8610 (6543)
X-BeenThere: cbor@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Concise Binary Object Representation \(CBOR\)" <cbor.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cbor>, <mailto:cbor-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cbor/>
List-Post: <mailto:cbor@ietf.org>
List-Help: <mailto:cbor-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cbor>, <mailto:cbor-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Apr 2021 13:14:29 -0000

Hi Sean,

Thank you for submitting this report.

I don’t think bare single quotes are meant to be allowed in (comments in) qualified (h or b64 prefixed) byte string literals in CDDL.  The text doesn’t really say, and the grammar isn’t favorable.

The problem with “fixing” this ABNF to allow that is that it would typically be implemented as a two-level (three-level?) grammar, first processing the string syntax (e.g., handling the \’ processing) and then applying the WS syntax (e.g., comments) for the bsqual cases, and then the b64/b16 decoding.
But the other implementation approach, handling everything at the first level, is also valid.
This will make it require extra effort to get interoperability out of embedded single quotes.

I think most CDDL specification writers will survive without single quotes in comments in qualified byte string literals, at least until we review and update this specification.
Details like this generally need some WG time to resolve.

I put some text about the two open errata reports into draft-bormann-cbor-cddl-freezer, which is a list of items to consider during the next review and update of RFC 8610; will post the updated I-D SOON.

Grüße, Carsten


> On 2021-04-14, at 02:13, RFC Errata System <rfc-editor@rfc-editor.org> wrote:
> 
> The following errata report has been submitted for RFC8610,
> "Concise Data Definition Language (CDDL): A Notational Convention to Express Concise Binary Object Representation (CBOR) and JSON Data Structures".
> 
> --------------------------------------
> You may review the report below and at:
> https://www.rfc-editor.org/errata/eid6543
> 
> --------------------------------------
> Type: Technical
> Reported by: Sean Bartell <smbarte2@illinois.edu>
> 
> Section: B
> 
> Original Text
> -------------
>     bytes = [bsqual] %x27 *BCHAR %x27
>     BCHAR = %x20-26 / %x28-5B / %x5D-10FFFD / SESC / CRLF
> 
> Corrected Text
> --------------
>     bytes = %x27 *BCHAR %x27
>           / bsqual %x27 *QCHAR %x27
>     BCHAR = %x20-26 / %x28-5B / %x5D-10FFFD / SESC / CRLF
>     QCHAR = DIGIT / ALPHA / "+" / "/" / "-" / "_" / "=" / WS
> 
> Notes
> -----
> Section 3.1 states that comments are allowed in prefixed byte strings. This correction explicitly uses WS (which includes comments) in the rule for prefixed byte strings. Although the original ABNF would allow *most* comments, it would prohibit comments including a single quote, or comments with a backslash at the end of the line.
> 
> My correction allows prefixed byte strings to use every hex and base64 character. Alternatively, the ABNF could be narrowed down using separate rules for hex and base64, or it could be broadened to allow other characters. The ultimate effect would be the same regardless.
> 
> Note that both the original and corrected ABNF allow CRLF in unprefixed bytestrings.
> 
> (Note: Unlike my previous two errata, which affected unprefixed byte strings, this one affects prefixed byte strings.)
> 
> Instructions:
> -------------
> This erratum is currently posted as "Reported". If necessary, please
> use "Reply All" to discuss whether it should be verified or
> rejected. When a decision is reached, the verifying party  
> can log in to change the status and edit the report, if necessary. 
> 
> --------------------------------------
> RFC8610 (draft-ietf-cbor-cddl-08)
> --------------------------------------
> Title               : Concise Data Definition Language (CDDL): A Notational Convention to Express Concise Binary Object Representation (CBOR) and JSON Data Structures
> Publication Date    : June 2019
> Author(s)           : H. Birkholz, C. Vigano, C. Bormann
> Category            : PROPOSED STANDARD
> Source              : Concise Binary Object Representation Maintenance and Extensions
> Area                : Applications and Real-Time
> Stream              : IETF
> Verifying Party     : IESG
> 
> _______________________________________________
> CBOR mailing list
> CBOR@ietf.org
> https://www.ietf.org/mailman/listinfo/cbor