Re: [core] [Anima] date-and-time and "created-on" field in constrained-voucher

Carsten Bormann <cabo@tzi.org> Tue, 28 June 2022 21:41 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/core/0GxU7frzuC37ZhnJBAicEBMhpk8>

On 2022-06-28, at 22:50, Carsten Bormann <cabo@tzi.org> wrote:
> 
> The alternative would be to trigger on the data, so any string that looks like 2022-06-28T20:48:15Z would turn into 1(1656449295).  That has some interesting security considerations, though.

Hmm, that is starting to become more attractive to me.

As long as we can make sure that the same string comes back out again, this can be safe even if we don’t get the typenames right.

Of course an efficient implementation might still be triggered by typenames, but it wouldn’t create a problem if that guesses wrong.

Regards, Carsten
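
The data-triggered conversion discussed in this message, as an added example that is not part of the original message or of any draft: a string becomes CBOR tag 1 only when re-rendering the epoch value reproduces the input byte for byte, and otherwise stays a text string. The function names and the strict candidate pattern are assumptions made for illustration.

```python
import re
import struct
from datetime import datetime, timezone

# Constructed rule: only this exact shape is a candidate (uppercase T and Z,
# no fractional seconds, no numeric offset), since only it is re-emitted.
_CANDIDATE = re.compile(r"[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}Z")
_FMT = "%Y-%m-%dT%H:%M:%SZ"


def _head(major, n):
    """CBOR initial byte plus argument (RFC 8949, section 3)."""
    if n < 24:
        return bytes([major << 5 | n])
    for ai, fmt in ((24, ">B"), (25, ">H"), (26, ">I"), (27, ">Q")):
        if n < 1 << (8 * struct.calcsize(fmt)):
            return bytes([major << 5 | ai]) + struct.pack(fmt, n)
    raise ValueError("argument too large")


def render(epoch):
    """Text form the decoder emits for a tag 1 integer."""
    return datetime.fromtimestamp(epoch, tz=timezone.utc).strftime(_FMT)


def encode_string(s):
    """Emit 1(epoch) only when decoding is certain to reproduce s exactly."""
    if _CANDIDATE.fullmatch(s):
        try:
            dt = datetime.strptime(s, _FMT).replace(tzinfo=timezone.utc)
            epoch = int(dt.timestamp())
        except ValueError:  # impossible dates such as month 13 or second 60
            epoch = -1
        if epoch >= 0 and render(epoch) == s:
            return _head(6, 1) + _head(0, epoch)
    raw = s.encode("utf-8")
    return _head(3, len(raw)) + raw  # anything else stays a text string


def decode_string(b):
    """Inverse of encode_string for the two shapes it produces."""
    if b[0] == 0xC1:  # tag 1 followed by an unsigned integer
        ai = b[1] & 0x1F
        n = ai if ai < 24 else int.from_bytes(b[2:2 + (1 << (ai - 24))], "big")
        return render(n)
    ai = b[0] & 0x1F
    skip = 1 if ai < 24 else 1 + (1 << (ai - 24))
    return b[skip:].decode("utf-8")
```

Inputs that a lenient date parser would accept, such as a lowercase `z`, a `+00:00` offset or fractional seconds, fall through to the text-string branch, so a signed or hashed value that contains them is unchanged after a round trip.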