Re: [Cbor] Reviews and shepherd for draft-ietf-cbor-cddl-more-control

"lgl island-resort.com" <lgl@island-resort.com> Mon, 15 April 2024 18:20 UTC

From: "lgl island-resort.com" <lgl@island-resort.com>
To: Carsten Bormann <cabo@tzi.org>
CC: Christian Amsüss <christian@amsuess.com>, "cbor@ietf.org" <cbor@ietf.org>, "draft-ietf-cbor-cddl-more-control@ietf.org" <draft-ietf-cbor-cddl-more-control@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cbor/u5JGioIgCdtxEKs8k2MtSgCIH9w>

Hi Carsten,

Appreciate the fix and rapid turnaround. 

I’d like to ask that the draft explicitly say that .b64u and .b64c accept only their respective alphabets.

- RFC 4648 only really says how to encode, not what decoders should do
- B64 decoders out there widely accept both; what .b64u and .b64c do here is far from the norm (but I like it)
- This draft is a specification that we expect other cddl tool implementors to follow so it should be clear

It would also be helpful for CDDL-using document authors like me to not have to go read and interpret RFC 4648.

Thx

LL



> On Apr 14, 2024, at 11:32 PM, Carsten Bormann <cabo@tzi.org> wrote:
> 
> Hi Laurence,
> 
>> On 14. Apr 2024, at 21:30, lgl island-resort.com <lgl@island-resort.com> wrote:
>> 
>> I’ve made a lot of progress using .join as described below, but this comment is about “.b64u” and RFC 4648 section 5.
>> 
>> It’s clear to me that a base64url encoder should output “-” and “_” instead of “+” and “/”, but it’s not clear what an RFC 4648 section 5 decoder should accept. Most tools and websites I’ve played with accept both, and that’s OK. However, I was expecting .b64u to reject “+” and “/” because it is opinionated, but the cddl tool 0.11.4 doesn’t.
> 
> Thank you for the bug report — fixed in 0.11.5.
> 
>> Here’s my CDDL:
>>   foo = text .b64u bstr
>> 
>> Validating “jkd8” correctly succeeds
>> 
>> Validating “&kd8” correctly fails.
>> 
>> Validating “+kd8” unexpectedly succeeds. The “+” is b64, but not b64url.
> 
> Fixed in 0.11.5.
> 
>> Validating "YQ==" correctly fails due to opinions about padding (that I agree with).
>> 
>> Interestingly, .b64c does seem to reject inputs with “_” and “-” which aligns with my reading of RFC 4648 section 4.
> 
> Yes. My .b64c implementation uses a platform API marked as strict.
> I mistakenly believed that the similar platform function that I used for .b64u also was strict in its character set; it turns out it wasn’t.
> So I added + and / to the check that already was handling =.
> 
>> I think I prefer strict enforcement because this is a validation tool.
> 
> I agree.
> 
>> If you are picking b64url, you are probably avoiding classic for a reason.
>> 
>> Whatever behavior is decided upon, it would be helpful to be clear in the draft because RFC 4648 isn’t that clear
> 
> I’d say 4648 is quite clear here.
> 4648 uses “recommended” once in an overview sentence where it introduces what actually is a mandate, but particularly Table 2 leaves no room for interpretation: + and / are not in the set of 4648 section 5 characters.
> 
>> and most of the tools I played with are not very organized.
> 
> Right — the above observation is another data point that indicates the existing platform mechanisms aren’t always very strict…
> 
> Grüße, Carsten
>
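
The strict-versus-lenient behavior discussed in this thread, as an added example that is not part of the original messages and is not the cddl tool's code. It runs the four inputs from the thread through Python's standard-library base64url decoder and through a strict check that allows only the RFC 4648 section 5 alphabet and no padding; the function names are hypothetical, and rejecting "=" is an assumption taken from the "YQ==" result reported above.

```python
import base64
import binascii
import re

# RFC 4648 section 5 alphabet only. "=" is deliberately absent, matching the
# thread's report that padded input ("YQ==") is rejected (assumption).
_B64URL_STRICT = re.compile(r"[A-Za-z0-9_-]*")


def strict_b64url_decode(text: str) -> bytes:
    """Decode unpadded base64url, rejecting "+", "/", "=" and anything else."""
    if not _B64URL_STRICT.fullmatch(text):
        raise ValueError("character outside the unpadded base64url alphabet")
    if len(text) % 4 == 1:
        raise ValueError("impossible length for base64 data")
    # The alphabet check has already excluded "+" and "/", so the lenient
    # library call below can no longer see classic-alphabet input.
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def lenient_b64url_decode(text: str) -> bytes:
    """Platform decoder as-is: it maps "-_" to "+/" and so accepts both."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def accepts(decoder, text: str) -> bool:
    """True if the decoder takes the input without raising."""
    try:
        decoder(text)
        return True
    except (ValueError, binascii.Error):
        return False


# The four inputs tried in the thread.
SAMPLES = ["jkd8", "&kd8", "+kd8", "YQ=="]


def compare(samples=SAMPLES):
    """Map each input to (lenient accepts?, strict accepts?)."""
    return {s: (accepts(lenient_b64url_decode, s),
                accepts(strict_b64url_decode, s)) for s in samples}


if __name__ == "__main__":
    for sample, (lenient, strict) in compare().items():
        print(f"{sample!r:8} lenient={lenient!s:5} strict={strict}")
```

The two decoders differ on "+kd8" and "YQ==", the same two inputs the thread singles out.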