Re: [Cbor] [cbor-wg/cbor-magic-number] WGLC review (#10)
Michael Richardson <mcr@sandelman.ca> Sun, 12 September 2021 22:31 UTC
Return-Path: <mcr@sandelman.ca>
X-Original-To: cbor@ietfa.amsl.com
Delivered-To: cbor@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C7173A2094 for <cbor@ietfa.amsl.com>; Sun, 12 Sep 2021 15:31:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hwNB4G9Ibvlx for <cbor@ietfa.amsl.com>; Sun, 12 Sep 2021 15:31:29 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6C3413A2093 for <cbor@ietf.org>; Sun, 12 Sep 2021 15:31:28 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id D1E9D39EA6 for <cbor@ietf.org>; Sun, 12 Sep 2021 18:38:05 -0400 (EDT)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id sbBUbMVVgR2x for <cbor@ietf.org>; Sun, 12 Sep 2021 18:37:57 -0400 (EDT)
Received: from sandelman.ca (obiwan.sandelman.ca [209.87.249.21]) by tuna.sandelman.ca (Postfix) with ESMTP id 7F8A039E27 for <cbor@ietf.org>; Sun, 12 Sep 2021 18:37:57 -0400 (EDT)
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 17D313FB for <cbor@ietf.org>; Sun, 12 Sep 2021 18:31:17 -0400 (EDT)
From: Michael Richardson <mcr@sandelman.ca>
To: cbor@ietf.org
In-Reply-To: <cbor-wg/cbor-magic-number/issues/10@github.com>
References: <cbor-wg/cbor-magic-number/issues/10@github.com>
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 26.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Sun, 12 Sep 2021 18:31:17 -0400
Message-ID: <24784.1631485877@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cbor/htiw3YvWf8VVA_7QFoHYYkaufaI>
Subject: Re: [Cbor] [cbor-wg/cbor-magic-number] WGLC review (#10)
X-BeenThere: cbor@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Concise Binary Object Representation \(CBOR\)" <cbor.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cbor>, <mailto:cbor-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cbor/>
List-Post: <mailto:cbor@ietf.org>
List-Help: <mailto:cbor-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cbor>, <mailto:cbor-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 12 Sep 2021 22:31:35 -0000
John Mattsson <notifications@github.com> wrote: > I provided I review as requested during the last IETF meeting. I just > looked at -04 as I plan to use this for C509. Seems like you might have > missed the mail with my review so I repost it here. Use it as you wish. > https://mailarchive.ietf.org/arch/msg/cbor/mxVhcytAIBgPqMCGwlQwXYZiOOo/ I'm sorry that I missed your July 31st review. I don't think that posting it to the github is the best way. > - "as is a file extension" The draft does not say anything about how to > chose a file extension. I think the needs to say something and give > guidance. Are protocols supposed to use some generic ".cbor" or use > there own like ".c509". Is it recommended to use several tags with the > same extension, i.e., should .c509 be used for several different tags > (chain, bag, CSR, CRL,...) or should each tag use its own file > extension. In the later case it would be good if the file extension was > registered together with tag number in IANA. I'm sorry, but it is not my intention to make any recommendations on file extensions. I have no opinion. > - I think it would help the reader to have an examples (CBOR diagnostic > + CBOR encoding) already in Sections 3.1 and 3.2. Something like the > example in appendix B: "55800(1330664270(h'424F52'))" Example CBOR > protocol values and the resulting bytes in the file would be even > better and would really help to make the draft easy to understand. So, you'd like an example in this section. I can do that. > Minor comments: > - "MacOS" The official spelling of the current version is "macOS" > - "classic MacOS..." Earlier versions were "Mac OS", "Mac OS X", and > "OS X". okay. > - "such as when attempting to do forensics on a damaged system" Is that > important enough to motivate additional bytes for Iot devices? First, who said the damaged device was an IoT device, as opposed to the system that was used to program/design the IoT device? Second, IoT devices regularly have multiple megabytes of flash now. > - "ZIP files of XML files." Also media and fonts etc. Yes, so what would you like you say here? That font files are also ZIP files? > - "artifacts" Is artifacts the right word here? Yes. > - "A magic number is ideally a unique fingerprint, present in the first > 4 or 8 bytes of the file" "that results in a deterministic first 8 to > 12 bytes" You should explain why you did not chose the "ideal" > solution, or change the text on what is ideal. I think that I did exactly that. > - Would be good with a sentence explaining that if the protocol is a > CBOR sequence then 3.1 cannot be used. > - "for each tag number NNNN, the representation of content-format > (RFC7252) NNNN-1668546560" I don't understand the ” NNNN-1668546560” > notation. Should it be NNNN + 1668546560 ? No, because the tag number is NNNN, not the Content Format. I changed it in a future version to NNNNNNNN to emphasis that it's the bigger number. I also had to read this text twice to be sure. > - "Subregistry" RFC 8126 states that the term subregistry was > unfortunatly used in the past. I think "CoAP Content-Formats" is a > registry in the "Constrained RESTful Environments (CoRE) Parameters" > group. Carsten? > - "00000000 d9 d9 f8 da 4f 50 53 4e 43 42 4f 52 |....OPSNCBOR|" I don’t > understand where the zeroes come from? Seems like postfix instead of > prefix. 000000000 is the offset in the file. > OLD "Both OpenOffice or MSOffice files" NEW "Both OpenOffice and > MSOffice files" What's the change? > OLD "QRcode" NEW "QR code" okay. > OLD "This new sequence of tags are" NEW "This new sequence of tags is" okay. > OLD "the the use of CBOR" NEW "the use of CBOR" already fixed. > OLD "private keys, certificate requests and S/MIME content." NEW > "private keys, certificate requests, and S/MIME content." (IETF use > the Oxford comma) thanks. > OLD "certificate requests" NEW "certification requests" or "certificate > signing request" RFC7030 calls thems Certificate Signing Requests. RFC5280 does not use the term. RFC4210 speaks of Certification Requests, but not CSRs. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | IoT architect [ ] mcr@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
- Re: [Cbor] [cbor-wg/cbor-magic-number] WGLC revie… Michael Richardson
- Re: [Cbor] [cbor-wg/cbor-magic-number] WGLC revie… Carsten Bormann
- Re: [Cbor] [cbor-wg/cbor-magic-number] WGLC revie… Carsten Bormann
- Re: [Cbor] [cbor-wg/cbor-magic-number] WGLC revie… Michael Richardson