[Cbor] [Errata Held for Document Update] RFC8610 (6527)

RFC Errata System <rfc-editor@rfc-editor.org> Fri, 23 April 2021 15:29 UTC

Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: cbor@ietfa.amsl.com
Delivered-To: cbor@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C3C433A123C; Fri, 23 Apr 2021 08:29:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IlX4ADoMbAIe; Fri, 23 Apr 2021 08:29:11 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7CE2A3A122E; Fri, 23 Apr 2021 08:29:08 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id B0320F4078C; Fri, 23 Apr 2021 08:29:01 -0700 (PDT)
To: smbarte2@illinois.edu, henk.birkholz@sit.fraunhofer.de, christoph.vigano@uni-bremen.de, cabo@tzi.org
X-PHP-Originating-Script: 1005:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: francesca.palombini@ericsson.com, iesg@ietf.org, cbor@ietf.org, rfc-editor@rfc-editor.org
Content-Type: text/plain; charset=UTF-8
Message-Id: <20210423152901.B0320F4078C@rfc-editor.org>
Date: Fri, 23 Apr 2021 08:29:01 -0700 (PDT)
Archived-At: <https://mailarchive.ietf.org/arch/msg/cbor/i3M2clwl8023kSoJxsEhkAs692Q>
Subject: [Cbor] [Errata Held for Document Update] RFC8610 (6527)
X-BeenThere: cbor@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Concise Binary Object Representation \(CBOR\)" <cbor.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cbor>, <mailto:cbor-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cbor/>
List-Post: <mailto:cbor@ietf.org>
List-Help: <mailto:cbor-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cbor>, <mailto:cbor-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Apr 2021 15:29:17 -0000

The following errata report has been held for document update 
for RFC8610, "Concise Data Definition Language (CDDL): A Notational Convention to Express Concise Binary Object Representation (CBOR) and JSON Data Structures". 

--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid6527

--------------------------------------
Status: Held for Document Update
Type: Technical

Reported by: Sean Bartell <smbarte2@illinois.edu>
Date Reported: 2021-04-11
Held by: Francesca Palombini (IESG)

Section: B

Original Text
-------------
text = %x22 *SCHAR %x22
SCHAR = %x20-21 / %x23-5B / %x5D-7E / %x80-10FFFD / SESC
SESC = "\" (%x20-7E / %x80-10FFFD)

Corrected Text
--------------
SESC = "\" ( %x22 / "/" / "\" /                 ; \" \/ \
             %x62 / %x66 / %x6E / %x72 / %x74 / ; \b \f \n \r \t
             (%x75 hexchar) )                   ; \u
hexchar = non-surrogate / (high-surrogate "\" %x75 low-surrogate)
non-surrogate = ((DIGIT / "A"/"B"/"C" / "E"/"F") 3HEXDIG) /
               ("D" %x30-37 2HEXDIG )
high-surrogate = "D" ("8"/"9"/"A"/"B") 2HEXDIG
low-surrogate = "D" ("C"/"D"/"E"/"F") 2HEXDIG

Notes
-----
As discussed during the CBOR interim 2021-04-21 and in the mailing list: https://mailarchive.ietf.org/arch/msg/cbor/ljHAiw-WhNqoIKAzkjZa4WIf56Q/ 
--
The ABNF used in [RFC8610] for the content of text string literals is rather permissive:

text = %x22 *SCHAR %x22
SCHAR = %x20-21 / %x23-5B / %x5D-7E / %x80-10FFFD / SESC
SESC = "\" (%x20-7E / %x80-10FFFD)

This allows almost any non-C0 character to be escaped by a backslash, but critically misses out on the \uXXXX and \uHHHH\uLLLL forms that JSON allows to specify characters in hex. Both can be solved by updating the SESC production to:

SESC = "\" ( %x22 / "/" / "\" /                 ; \" \/ \
             %x62 / %x66 / %x6E / %x72 / %x74 / ; \b \f \n \r \t
             (%x75 hexchar) )                   ; \u
hexchar = non-surrogate / (high-surrogate "\" %x75 low-surrogate)
non-surrogate = ((DIGIT / "A"/"B"/"C" / "E"/"F") 3HEXDIG) /
               ("D" %x30-37 2HEXDIG )
high-surrogate = "D" ("8"/"9"/"A"/"B") 2HEXDIG
low-surrogate = "D" ("C"/"D"/"E"/"F") 2HEXDIG

Now that SESC is more restrictively formulated, this also requires an update to the BCHAR production used in the ABNF syntax for byte string literals:

bytes = [bsqual] %x27 *BCHAR %x27
BCHAR = %x20-26 / %x28-5B / %x5D-10FFFD / SESC / CRLF
bsqual = "h" / "b64"
The updated version explicit allows \', which is no longer allowed in the updated SESC:

BCHAR = %x20-26 / %x28-5B / %x5D-10FFFD / SESC / "\'" / CRLF


--------------------------------------
RFC8610 (draft-ietf-cbor-cddl-08)
--------------------------------------
Title               : Concise Data Definition Language (CDDL): A Notational Convention to Express Concise Binary Object Representation (CBOR) and JSON Data Structures
Publication Date    : June 2019
Author(s)           : H. Birkholz, C. Vigano, C. Bormann
Category            : PROPOSED STANDARD
Source              : Concise Binary Object Representation Maintenance and Extensions
Area                : Applications and Real-Time
Stream              : IETF
Verifying Party     : IESG