IETF Logo Mail Archive

Re: [Cbor] Robert Wilton's No Objection on draft-ietf-cbor-file-magic-11: (with COMMENT)

"Rob Wilton (rwilton)" <rwilton@cisco.com> Fri, 22 April 2022 09:14 UTC

Return-Path: <rwilton@cisco.com>
X-Original-To: cbor@ietfa.amsl.com
Delivered-To: cbor@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 176E93A12AF; Fri, 22 Apr 2022 02:14:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.607
X-Spam-Level:
X-Spam-Status: No, score=-9.607 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=juWlQepB; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=ddHMyF5O
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kI1N0Ub0qIHd; Fri, 22 Apr 2022 02:14:05 -0700 (PDT)
Received: from alln-iport-8.cisco.com (alln-iport-8.cisco.com [173.37.142.95]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7B8523A12B5; Fri, 22 Apr 2022 02:14:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=4430; q=dns/txt; s=iport; t=1650618845; x=1651828445; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=S9wmhevaowq1+xuVKKKh5Wa3dod8g6/a5ofNirFq9aY=; b=juWlQepBBRSOb7gNqSJ2MdXpIJ+1+ftuIIDJqagxD5ZHDUUDOwb3cl/h MCyN+N7CQ/ocMcyNtCisUtwfPi4sTw5koVkRGV12l/3z9FakTsA8Me51G Vbjtwz8y84rsPiaKmB9eDttFi9CLcOvmXnRqdWOnzzngcRdNfvoXCvQcW g=;
X-IPAS-Result: A0D5AAAjcWJimIwNJK1aHgEBCxIMQIFLC4FSVnwCWDlDhFSDSgOFOYUPgwIDkEaKd4EugSUDVAsBAQENAQE3DAQBAYUDAhaEdAIlNAkOAQIEAQEBAQMCAwEBAQEBAQMBAQUBAQECAQcEFAEBAQEBAQEBCRQHBgwFDhAnhWgNhkIBAQEBAxIREQwBATcBCwQCAQYCDgMEAQEDAiYCAgIwFQgIAgQOBQgagmMBgmUDMQEOkmWPNwGBPgKKH3qBMYEBgggBAQYEBIFLQYJ/GII4AwaBESyDEYQphx0nHIFJRIEVQ4JnPoJjAgOBX4NUN4IMIpxDAmIEJywgZRMtThmSNyqDDUaoPYIsCoNKixmVCBWoU5ZfjSCURiWEZQIEAgQFAg4BAQaBYYIVcBWDJFEZD44gCRAJFYM7hRSFSnU4AgYBCgEBAwmQcwEB
IronPort-PHdr: A9a23:/49A0hBK0zORaOp+8CNHUyQVaBdPi9zP1kY95pkmjudIdaKut9TnM VfE7PpgxFnOQc3A6v1ChuaX1sKoWWEJ7Zub9nxXdptKWkwJjMwMlFkmB8iIQUTwMP/taXk8G 8JPHF9o9n22Kw5bAsH7MlbTuXa1qzUVH0aXCA==
IronPort-Data: A9a23:XaG7VKO7wELy+xjvrR1Ol8FynXyQoLVcMsEvi/4bfWQNrUoqhjBRz mUWDT+FPa6OMWr3KI0nbou//U0C68SEzNJrTnM5pCpnJ55oRWUpJjg4wmPYZX76whjrFRo/h ykmQoCcaphyFBcwnz/1WlTbhSEUOZqgG/ytUIYoBggrHVU+EHt700o68wIEqtcAbeaRUlvlV eza+6UzCHf9s9KjGjtJg04rgEoHUMXa4Fv0jHRnDRx4lAO2e00uMX4qDfrZw00U7WVjNrXSq +7rlNlV945ClvsnIovNfr3TKiXmTlNOVOSDoiI+ZkSsvvRNjhcO6J8qGNsTUEUN1GiYwZMh9 cRMm6XlHG/FPoWU8AgcexBcFyc7Nqpc9fqYZ3O+qseUiUbBdhMAwd03UxpwZtNeo70xWD0Wn RAbAGhlghSrnf23xK68TMFnh98oK4/gO4Z3VnRInW+DVa9+GMyZK0nMzeVG4C0bi99sIfP5O fYLSAhVNwmRfhIabz/7D7pnzLv32RETaQZwpEicq7Zy4mXPwkl62r/3ddTUftHPQMxan02wp 2/a8SL+GB5yHNeVziDA+XKlh/XUtSL2RIxUE6e3ntZhilqJ7m0eFBNQUkG0ydGyilS/QM5eI ko88y81sKUp7wqgSdyVdxy1u3GsvxMAVZxXCeJSwAqEwK38/xSYQG8eQVZ8hMcOvcsyQ3kh0 UWE2oyvDj10u7rTQnWYnluJkd+sERMpF1YTSQ4LdAlfvITy/sJjswPOYO82RcZZkebJMT33x jmLqg03iLMSkdMH2s2HEbbv3m/ESn/hE1Jd2+nHYo62xlgiPdf6OeRE/XCevKgec9fAJrWUl CJc8/Vy+tziGn1keMalaeEJEbfBCx2tb2CE2AUH83XMC12QF5OLdIRU5nR1I11kd5lCcj7ya 0iVsgRUjHOyAJdIRfIpC25SI513pUQFKTgDfquJBjapSsMtHDJrBAk0OSatM5nFySDAa50XN 5aBatqLBn0HE6lhxzfeb75DjOd2ln5hnzKCFMyTI/GbPVy2OSH9pVAtbQTmUwzFxP/sTPj9q owGbJLal32zrsWnP3aJmWLsEbz6BSFrWc+pwyCmXuWCOQFhUHowEOPcxKhJRmCWt/o9qws8x VnkAhUw4AOm3RXvcFzWAlg+OOKHdcsu9hoTYH1zVX72gCJLSdj0s88im24fIONPGBpLl6AkF pHouqyoX5xyd9gw02lDPcSl8Nw+JXxGR2umZkKYXdT2RLY4LyShxzMuVlKHGPUmZsZvifYDn g==
IronPort-HdrOrdr: A9a23:rMR5e62+S6ftFV9IWthxXwqjBRhyeYIsimQD101hICG9Lfb3qy n+ppsmPEHP5Ar5AEtQ5expOMG7MBfhHO1OkPYs1NCZLUbbUQqTXc1fBO7ZogEIdBeOjtK1uZ 0QEZSWTeeAcGSS7vyKrjVQcexQu+VvmZrA7Yy1ohcdLj2CKZsQlTuRYTzrdXGeMTM2fKbRY6 DsgPavyQDQHEg/X4CePD0oTuLDr9rEmNbNehgdHSMq7wGIkHeB9KP6OwLw5GZebxp/hZMZtU TVmQ3w4auu99uhzAXH6mPV55NK3PP819p4AtCWgMR9EESttu/oXvUjZ1SxhkFxnAid0idvrD AKmWZmAy1H0QKSQohym2qq5+Cv6kd215ao8y7nvZKqm72JeNt9MbsYuWqcGSGpsXbJe7pHof l2NiuixupqJAKFkyLn69fSURZ20kKyvHo5iOYWy2dSSI0EddZq3MciFW5uYd499RjBmcga+S hVfbXhzecTdUnfY2HSv2FpztDpVnMvHg2eSkxHvsCOyTBZkH1w0kNdnaUk7zo93YN4T4MB6/ XPM6xumr0LRsgKbbhlDONERcesEGTCTR/FLWrXK1X6E6MMPW7LtvfMkf8IzfDvfIZNwIo5mZ zHXl8dvWkue1j2AcnLx5FP+gClehTKYd0s8LAo23FUgMyPeFOwC1zxdLkHqbrUn8ki
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.90,281,1643673600"; d="scan'208";a="862010142"
Received: from alln-core-7.cisco.com ([173.36.13.140]) by alln-iport-8.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 22 Apr 2022 09:14:04 +0000
Received: from mail.cisco.com (xfe-aln-005.cisco.com [173.37.135.125]) by alln-core-7.cisco.com (8.15.2/8.15.2) with ESMTPS id 23M9E4QM014673 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=OK); Fri, 22 Apr 2022 09:14:04 GMT
Received: from xfe-rtp-003.cisco.com (64.101.210.233) by xfe-aln-005.cisco.com (173.37.135.125) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.14; Fri, 22 Apr 2022 04:14:03 -0500
Received: from NAM11-CO1-obe.outbound.protection.outlook.com (64.101.32.56) by xfe-rtp-003.cisco.com (64.101.210.233) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.14 via Frontend Transport; Fri, 22 Apr 2022 05:14:03 -0400
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PD4uv0RRumV8G2IGDuPWnuwTYsekEpN05541WqZl1z1V05FDW15iosi+DSNQs0mcZurqK97kDajCR9dERYQ4hitPWd2ZshR6D/M8tXneso9TFIQNLhtZhJKOa47Oqyl4qhAu9sgEvk0NMbOgpN19MZkgei4MdBS/ZNm1l9c8fKpVpNcIp6uzUy7KzB7o67ki6mQf2hWWOu0QUkKDt31OFrBl8rsp+5XkRTrBJLzu7HDrOpQdTHQqZdkuBE7YC6/1V4DmZX8SCAQocaBHOAKG6kiTd1V3+kIrTAHPk4Sib5SUwDmBomLNo/pGHz8NGa7s2V6JnEGMVbZDmHntNWr6mw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=S9wmhevaowq1+xuVKKKh5Wa3dod8g6/a5ofNirFq9aY=; b=FtbmFniUzDJRDxS5SZ7KVVHpLEI2xotcdD8FXbxHB2spCKjiy6KU0SzItUVql2VObXYXx8AENd1Ta+Q4DdOGsSrqa4uv5w3d7oljmk/vBgRaJbe2iKgasoi6SXMOw5jdQshSXVygDUvc8IGQLDck+BVS/H1zcqg04nYNbabd92Kl1zNWgmdg1BWaAk+vNnW9FIWu6fNilJNBEgCb9Yn+JWD/oNp310tjfMYUoH52GkbrQLapeJaNF1R+NzH3o2ZYlz4nUP+oWCPzI21EeDDWheLkY2ftzlg6zVLg2gUh3y0a+znPX+HnfRemiDaWxfz9e43HyDmDkZqZw8qtSVAv9A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=S9wmhevaowq1+xuVKKKh5Wa3dod8g6/a5ofNirFq9aY=; b=ddHMyF5OAxs1L+TxRFPqVHFuDsK6xZ5R5UTbNwsa/b/U3eZm7sK5gJlCJG4O4X5MJmSeXYHKzHmbRGquQo6RgrBPb8r9KaFdh6si7bJilz5OJA13b15EK7FhRYFsgZyPKbur9cw9idFbYz+urzrITOcyDZVTMhv5IROd7C6MDCk=
Received: from BY5PR11MB4196.namprd11.prod.outlook.com (2603:10b6:a03:1ce::13) by DM6PR11MB3643.namprd11.prod.outlook.com (2603:10b6:5:13f::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5186.15; Fri, 22 Apr 2022 09:14:01 +0000
Received: from BY5PR11MB4196.namprd11.prod.outlook.com ([fe80::b9eb:9cb1:5ee0:169e]) by BY5PR11MB4196.namprd11.prod.outlook.com ([fe80::b9eb:9cb1:5ee0:169e%5]) with mapi id 15.20.5164.026; Fri, 22 Apr 2022 09:14:01 +0000
From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: Carsten Bormann <cabo@tzi.org>
CC: The IESG <iesg@ietf.org>, Christian Amsüss <christian@amsuess.com>, "cbor@ietf.org" <cbor@ietf.org>, "cbor-chairs@ietf.org" <cbor-chairs@ietf.org>, "draft-ietf-cbor-file-magic@ietf.org" <draft-ietf-cbor-file-magic@ietf.org>
Thread-Topic: [Cbor] Robert Wilton's No Objection on draft-ietf-cbor-file-magic-11: (with COMMENT)
Thread-Index: AQHYVZ5RLxkFAO5rJEacCzNIqlCFaqz6mVsAgAEI2qA=
Date: Fri, 22 Apr 2022 09:14:01 +0000
Message-ID: <BY5PR11MB4196532A7E6B9E0145225FF8B5F79@BY5PR11MB4196.namprd11.prod.outlook.com>
References: <165055913687.10023.13183316329683102967@ietfa.amsl.com> <1560B380-1BB5-498F-BF33-F57B85478052@tzi.org>
In-Reply-To: <1560B380-1BB5-498F-BF33-F57B85478052@tzi.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cisco.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: cb37af2f-20c2-4cf2-61eb-08da244070bb
x-ms-traffictypediagnostic: DM6PR11MB3643:EE_
x-microsoft-antispam-prvs: <DM6PR11MB3643847117D2F20D7EB4FEFDB5F79@DM6PR11MB3643.namprd11.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 1NcRkJP3BGhXQBjiQWOqR4XnNmwGgMeUjRAHKThBCxK2YCxLfHB3jyszmTf+QGHvCSw37iBadszpRlVCkA6T+QnEVwFX1aMvQefiZScgs6d8biAvAm7hgXIZ2LIcYI/LYxLX8YPv884h9lC5S2ugRW03wJlMokFC75S0DTsWMqvz2dScDnzHW+PmyLB4UhH/U1SybEkqmp+v2NilPWcXgtRcMUi0H4orMjVPq7pfDwfmd6e5NKxfSzgA1AlJF1Bkgk63Lx607Z82o5GNLyUzbC5Yl71RPcsaktMoAFgfeGsGvSRP1JgipY/Q5kxCpRVdryVXn+MkcAaHtfE1MQF9DJGHazmlFoDcyytb4IxRRwo7JVapu5F+twc29EoWfY9zDK1T/AMz9JnjKyGhjhPISaGr6k8L/RaSdTzbjdpCNRySRtfdf6xjNtSCcI7L7IIGeQ/0iQLNlfx43HI/tj3KOzri1/tBh1+H42JCy45fKnE1G6lrXPthbN6PNvn3z1PTu23wlzL5LXRbXMDOdyB+54TaP50Eyj1sJd5NkfgkfXeXWkPckYh/m01AK9/dZT/kz4RCPSnJXRTDh4At2fLS1kf0O203QJgsjTmD+UAR9W7qJyvlUN31RNcLsnqyH19OhD3jShK0mQSdxzUSbSb1jgjjO4zTNTk5cewvh+PYnd0qVjetdJ9gGe37KY/lZyUoSpIGLo14qohNRXmsO6U/ooJ+bV3bxF2SGFGA905CgvykcI8zJqXQayG0rh4BMxgxS6jEbTqvznxhVtyMNYZj0DIXP5jNXnilZqwLtYZhcy0=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BY5PR11MB4196.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(366004)(316002)(54906003)(71200400001)(6916009)(33656002)(38100700002)(38070700005)(26005)(66574015)(966005)(122000001)(508600001)(55016003)(53546011)(83380400001)(7696005)(186003)(9686003)(6506007)(86362001)(66946007)(66556008)(66476007)(76116006)(64756008)(66446008)(4326008)(8676002)(8936002)(52536014)(5660300002)(2906002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: Qzd4ZmVl22QtXEwazEWBIiEVEOdgm8VoYpX0VxNEkGWa3w2/MXG+vXQzEvpebcyqu6NIasu7m9gjNUHbDJSXKHjB7SJaUTv3PvGFsZSjmPMBl5ifRzORmWH/IJTdqOrNEEro+KG+bNLG4ESUI6WDZUCoKQvQgQkrnRYfe6Wy2Cwjgz/Kw3SQLFlbF6Md1dU9h1GVTbQbolPeznorM5p8xgLZ6hSoshf+rhUnX1RK9ISgrKCkoJnEaMfTkix7NLuc+ilH+dw4k3onZ/kRaKT8m4buB6JQsCMQSTY/iFkyVo19IJ7MSnufQ4jtW4zuTWTW1z7YX4YB34tvjBu4acCECTZ5PydPd3DhCO5Qoh9MD7xBNVH5itJf9YKIStOOlCKM91FQx14UYC/ZKjMCkG6LyGsKacdQ+nVkTKQeQtgeIlHhkWmjMPrFxz6Q4nXDJIacgA4RzsTZVNO+EqxlNdMW8exPWX4tblNh70OyUvtUlp2uPFtmzkTp6uIHKP/T20nfhGfbCRwzGpvsr1839q9Oeb5H3CiKlSMOmcspBCMSLGdN4NmbJtAuotda0vjBcyR+yYWPm25se2Xs4q01FNI0pOmDJaDUI5sdJgIQCZh6YXHdxCys7a3BZPJbU22U13KD9j8s1rlmroMi8oJF2JvS1yCUG8FB/4jzc/5IYC0ZPDIAcUDWXREtoqKSbtTkMbH+DaTlcYJsp8+vfQjakO9tn8EK9chzXF3j1AuiXIB252QopTYz6vOE3FV4PssULpmt7A+mimZJATk02+sDXXBT73i3xy8f89tFhmoFFz0bbJR1E72g8gzkNoqyTHDNgWg83kv4o3L3ze5cT1olHOHc43Ev0wjslr035viI2H1tTkKna4XQY7XRJHWDQrV+rQEcVMpuzje8yTiBWOsoH0O7BWKRaPlAL/aVKkC5hZCCqq76CH9tAyuVqjhbCpERsuWiQypg46hjGi9V3bm5Np45OncL7IsQfH1aZPQymh1OFPcucG8dsjAbMRnHXxp4otNaONEUozWdeNk4YA0LrdvM97Xg0gXWZSbjRtvgE5vKj+u34gY8XEr4BGrdC3kYKH6vw8yYTJgwZ8YsJV3+Jnu9FZjIRsIa72NZNJ/0WOOd4T2QPM846hcV/CiKAtljPgA6o2BEj+ILTVJ5Ahi9IMtfTYAABDBxqo7YJ8hUm9RzEh+gA+VMDSAD8DWf78JXsv8We9O9eCj5fqWPc6DM6wJdlaYqvbAiDdfpkxxK/nGSE5TamSuf99nzcRWsH6apyQ2ZKMg+cbFO2kQJl58sgWroiZF8nD7hMf2qZGUi+OicPJ6CpBAWJ6H/Kw6XaF1liUqpYYqYCTOVkG61kqCgA9QnyjX7SXM1s0SpaIS98GTPAu8gvkL7MC0KU8BCBI7aD6m9ZI3rMr75q61bHuPVwR823c3kbaGxJ4YkJQlwYjbI7iuYVhdDwj8yFM8D4+lH94MHAEKqut739ilNA09+cb7P+rffuODi+Ey/zdTN54unCd3ShTytDE4QA1iwQQewwCRDLSzODX6SIaEEgO5Qj7EdPgoayHQWk8WJ3NKvp+NBkMBYN1CYsUocI+ZFXmW6i23BJ/ORz00DlU5SDyDoHqLDS/KpFEY0EaWrFk6d0R5KpiFGfk5Obpg2tyt8NJrkiFljRtToCRQrIq8DHNnYduHMXWwfTc/QxU5KrJ/kr315MjXne03MtPLYYuk9G8s9bAxqb8XVkXaSfRJ72MQuokQXDA==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BY5PR11MB4196.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: cb37af2f-20c2-4cf2-61eb-08da244070bb
X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Apr 2022 09:14:01.2931 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: CB0k/cJTpVWSr9A2q0xXwmfW2KFGFYJYu3ZaZW9vuSaUDv64LDpYXOASBbydNk3q1+kBBGa1lE8EmtKW8EYQww==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB3643
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.135.125, xfe-aln-005.cisco.com
X-Outbound-Node: alln-core-7.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/cbor/f3YGagR39uZipezAeGmOUyD0H34>
Subject: Re: [Cbor] Robert Wilton's No Objection on draft-ietf-cbor-file-magic-11: (with COMMENT)
X-BeenThere: cbor@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Concise Binary Object Representation \(CBOR\)" <cbor.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cbor>, <mailto:cbor-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cbor/>
List-Post: <mailto:cbor@ietf.org>
List-Help: <mailto:cbor-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cbor>, <mailto:cbor-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Apr 2022 09:14:11 -0000

Hi Carsten,

One other thought on this (when I was out running this morning) ... if C often does use strcpy (or even strncpy), then avoiding the zero byte isn't the only problem, it also has the risk of capturing arbitrary extra bytes which would presumably make the magic number check less reliable?

My instinct here is that we keep the algorithm simple, don't avoid embedded zero bytes, don't zero terminate, and just state that robust implementations should not assume that the magic number is a null terminated string.  Specifically, I'm assuming that C using strncpy isn't a security issue (because they don't know whether a file contains a magic number at all), just a reliability one, and that implementations will hopefully realize and fix this over time.  But this is just my opinion/suggestion.

Regards,
Rob


> -----Original Message-----
> From: Carsten Bormann <cabo@tzi.org>
> Sent: 21 April 2022 18:08
> To: Rob Wilton (rwilton) <rwilton@cisco.com>
> Cc: The IESG <iesg@ietf.org>; Christian Amsüss <christian@amsuess.com>;
> cbor@ietf.org; cbor-chairs@ietf.org; draft-ietf-cbor-file-magic@ietf.org
> Subject: Re: [Cbor] Robert Wilton's No Objection on draft-ietf-cbor-file-
> magic-11: (with COMMENT)
> 
> Hi Rob,
> 
> thank you for this input.
> 
> > The document, along with other ballot positions, can be found here:
> > https://datatracker.ietf.org/doc/draft-ietf-cbor-file-magic/
> > ----------------------------------------------------------------------
> > COMMENT:
> > ----------------------------------------------------------------------
> >
> > Hi,
> >
> > Apologies for a late review, and there is just one none blocking issue that I
> > wanted to raise:
> >
> >   It is further
> >   suggested to avoid values that have an embedded zero byte in the four
> >   bytes of their binary representation (such as 0x12003456), as these
> >   may confuse implementations that treat the magic number as a C
> >   string.
> >
> > I was less convinced by this statement because:
> > (1) It seems like C treating this as null terminated string is probably not the
> > right thing to do,
> 
> It is not, but I have seen too much code doing that with magic numbers
> (strncpy, that is).
> 
> > I'm not sure that we should be implicitly endorsing that.
> 
> Of course, we could decide that we make zero bytes prominent enough and
> mention that strncpy is not the way to do this.
> 
> > (2) When translating values from the Content-Format registry means that
> this
> > issue is presumably unavoidable.  I.e., it looks like your example in 2.2.1
> > violates this guidance.
> 
> It does.
> 
> This is easy to fix by using
> 
> 0x63740000 + (ct / 255 + 1) * 256 + ct % 255 + 1
> 
> as the tag number (*).
> 
> So we have the choice between
> 
> (1) not suggesting avoiding zero bytes or
> (2) making the above change to the content—format-number to tag-number
> mapping.
> 
> Grüße, Carsten
> 
> (*) Generally, this will not be a runtime computation, as the content-format
> number will be looked up manually and translated into a tag number using a
> formula at or before compiling — the difference is just the complexity of the
> formula.

v2.23.0 | Report a Bug | By Email