Re: [Cbor] What's your opinion of using CDDL to simultaneously define CBOR and JSON?

Carsten Bormann <cabo@tzi.org> Wed, 08 September 2021 19:14 UTC

Return-Path: <cabo@tzi.org>
X-Original-To: cbor@ietfa.amsl.com
Delivered-To: cbor@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C8523A335A for <cbor@ietfa.amsl.com>; Wed, 8 Sep 2021 12:14:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pJcx0LV9Edke for <cbor@ietfa.amsl.com>; Wed, 8 Sep 2021 12:14:40 -0700 (PDT)
Received: from gabriel-smtp.zfn.uni-bremen.de (gabriel-smtp.zfn.uni-bremen.de [134.102.50.15]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 766DD3A335E for <cbor@ietf.org>; Wed, 8 Sep 2021 12:14:40 -0700 (PDT)
Received: from [192.168.217.118] (p548dcf6e.dip0.t-ipconnect.de [84.141.207.110]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by gabriel-smtp.zfn.uni-bremen.de (Postfix) with ESMTPSA id 4H4WzK71ghz33bQ; Wed, 8 Sep 2021 21:14:37 +0200 (CEST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.7\))
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <19710.1631126881@localhost>
Date: Wed, 08 Sep 2021 21:14:37 +0200
Cc: Laurence Lundblade <lgl@island-resort.com>, cbor@ietf.org
X-Mao-Original-Outgoing-Id: 652821277.614428-78a3daad209a783f967ac1227da798f4
Content-Transfer-Encoding: quoted-printable
Message-Id: <84FA287D-2FEA-442E-9102-7AE805E48A2E@tzi.org>
References: <51537C68-F495-4750-9376-A637BD0E78DD@island-resort.com> <19710.1631126881@localhost>
To: Michael Richardson <mcr+ietf@sandelman.ca>
X-Mailer: Apple Mail (2.3608.120.23.2.7)
Archived-At: <https://mailarchive.ietf.org/arch/msg/cbor/uls9hOhknexSfSUuwuwQgTNfVig>
Subject: Re: [Cbor] What's your opinion of using CDDL to simultaneously define CBOR and JSON?
X-BeenThere: cbor@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Concise Binary Object Representation \(CBOR\)" <cbor.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/cbor>, <mailto:cbor-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cbor/>
List-Post: <mailto:cbor@ietf.org>
List-Help: <mailto:cbor-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cbor>, <mailto:cbor-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Sep 2021 19:14:45 -0000

On 2021-09-08, at 20:48, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
> 
> Signed PGP part
> 
> Laurence Lundblade <lgl@island-resort.com> wrote:
>> Right now, the EAT draft is using CDDL to simultaneously define the EAT
>> protocol such that it can be encoded in either CBOR or JSON. This also
>> gives transcoding of the protocol between CBOR and JSON which is useful
>> at the Verifier. There is also some interest in expanding to
>> ASN.1. That seems doable. Then maybe on to YANG, but that seems harder.

Less is more.
I don’t know why people think that having the same data in five different representations aids interoperability.

> Sorry to nit-pick, but expanding to *DER* (or BER) would be easy.

There is a lot of weirdness in that representation format (ASN.1 tags, SEQUENCE vs. SET, etc.) that will create noise in a language like CDDL.

> Rewriting the CDDL in ASN.1 serves no purpose in my opinion.
> It would be an entirely new spec.

At least one could cover the BER/DER idiosyncrasies that way.
But what is the point?

> Similiarly, rewriting to YANG is meaningless.
> YANG serializes to CBOR, JSON, XML and other stuff.
> Serializing the CDDL to XML might be interesting to someone.
> (not met)

You forgot to throw EXI into the mix.

>> This kind of all started when CWT was created out of JWT, but that was
>> all before CDDL. If we set out to define JWT plus CWT today from
>> scratch, would we use CDDL?
> 
> JWT/CWT would have been described in CDDL.
> And we can describe it today in CDDL.

And that’s what we should do.
(For CWT — somebody else can do that for JWT.)

> I imagine that if we do new iterations of documents may include CDDL for
> this.

Yep.  I plan to do that in the next couple of days.

Grüße, Carsten