IETF Logo Mail Archive

Re: [core] [Last-Call] Iotdir telechat review of draft-ietf-core-dev-urn-09

"Martin J. Dürst" <duerst@it.aoyama.ac.jp> Thu, 07 January 2021 11:17 UTC

Return-Path: <duerst@it.aoyama.ac.jp>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 045963A0F74; Thu, 7 Jan 2021 03:17:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.162
X-Spam-Level:
X-Spam-Status: No, score=-2.162 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, MSGID_FROM_MTA_HEADER=0.001, NICE_REPLY_A=-0.262, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=itaoyama.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yfGI8xHnoxPu; Thu, 7 Jan 2021 03:17:15 -0800 (PST)
Received: from JPN01-OS2-obe.outbound.protection.outlook.com (mail-eopbgr1410102.outbound.protection.outlook.com [40.107.141.102]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A753C3A0F5E; Thu, 7 Jan 2021 03:17:14 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=A7Fr+9mN61C1sakLGC5s0/Sqg7pXOcGIzc4QRHxlmSxVZMcdOgC1BBrr2MG+uP5/Re4P9WQo81LMBel6czwYChJ1x4bGr1c/jz32Oq5r2FwSmGPJ4HsJBwgILyKqn5VdFZujqcI0mAmJ85U6LCb8OkazjsBX/VI2yXcELpjYLRK/hY70z9Tp6clhimnVMcSKdXHJ/bZh+6GXY2pvhoWWb6W8NqfUdbfHV6Ks6M0x6IKFahN95SCDwbkd59Qz2ZVI02u5Cr16VqQr6fLXs1OPL7dUWfjYfl3kIRswSjL/V0FBCS2mKkMFyID6uiVSUbSropMDjUnXGqJXRVlYG1+gQw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uN+6bSofjM75SRjiZh65DzLZOhKqjSSnsUUfg11trck=; b=abkSkW0SAnUlzAeBFjKF4B1+E2zu1lZSGtKFCFCkUT3rsQ8M2ZTrSLcJHH7G2g/MbT0M52yz/78btDHy2PzCzrb6JESU7IUzFHPm8he+oXYqYxcWZPuThhlFIhv0UzT/Bh1sRc6xuOjSxhiUrE01XMQW5peMj6svGtb10lspxB1y8fNH3oHleHcrMiQpzSFA1+niAFh58yYmWrLYIPjaRf5DXgGu7OnC9mgEkXZd2pt9gBfSaxZX2M4x/m+hR/PRfrbTb0iHoovp0Ix4P2SHsRhe3y9XLeJAGjWXY8rcSlEU+EZAW8igIk5v9P8MDr9qwCruT01qK6RAahiV2RU9wA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=it.aoyama.ac.jp; dmarc=pass action=none header.from=it.aoyama.ac.jp; dkim=pass header.d=it.aoyama.ac.jp; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=itaoyama.onmicrosoft.com; s=selector2-itaoyama-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uN+6bSofjM75SRjiZh65DzLZOhKqjSSnsUUfg11trck=; b=gbwPzYXznh3uvA+ihHte759NSKWQtI88N/RsB8pfiHkcPJeZEPjMfoiBzP4pxRG3TIwpzn0+Eal3+ZCp/+vP1sKLppAMtzGjCvjHW8FfSE8CgHdQ0CfUvV5PMMQeoX4iKhxt0cjeBlwv9O6rdI+EO1cYkkKOVDXeYhof7qCUD00=
Authentication-Results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=it.aoyama.ac.jp;
Received: from OS3PR01MB5686.jpnprd01.prod.outlook.com (2603:1096:604:c3::10) by OSAPR01MB5154.jpnprd01.prod.outlook.com (2603:1096:604:65::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3742.6; Thu, 7 Jan 2021 11:17:12 +0000
Received: from OS3PR01MB5686.jpnprd01.prod.outlook.com ([fe80::40fe:810c:329b:454]) by OS3PR01MB5686.jpnprd01.prod.outlook.com ([fe80::40fe:810c:329b:454%6]) with mapi id 15.20.3742.006; Thu, 7 Jan 2021 11:17:12 +0000
To: John C Klensin <john-ietf@jck.com>, Russ Housley <housley@vigilsec.com>, iot-directorate@ietf.org
Cc: last-call@ietf.org, draft-ietf-core-dev-urn.all@ietf.org, core@ietf.org
References: <160996930502.21827.5533521556349871834@ietfa.amsl.com> <B091AE313126430286B0902C@PSB>
From: "Martin J. Dürst" <duerst@it.aoyama.ac.jp>
Organization: Aoyama Gakuin University
Message-ID: <7bb73d56-134d-e8ab-7e65-f013e85d7eae@it.aoyama.ac.jp>
Date: Thu, 07 Jan 2021 20:17:08 +0900
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.6.0
In-Reply-To: <B091AE313126430286B0902C@PSB>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-Originating-IP: [121.118.76.82]
X-ClientProxiedBy: TYBP286CA0045.JPNP286.PROD.OUTLOOK.COM (2603:1096:404:10a::33) To OS3PR01MB5686.jpnprd01.prod.outlook.com (2603:1096:604:c3::10)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from [192.168.1.2] (121.118.76.82) by TYBP286CA0045.JPNP286.PROD.OUTLOOK.COM (2603:1096:404:10a::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3742.6 via Frontend Transport; Thu, 7 Jan 2021 11:17:11 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 58eb5008-a87d-413e-1482-08d8b2fdc7ba
X-MS-TrafficTypeDiagnostic: OSAPR01MB5154:
X-Microsoft-Antispam-PRVS: <OSAPR01MB5154AE6450913F58C65AE9C7CAAF0@OSAPR01MB5154.jpnprd01.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:10000;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: LpMAyU11dBh+rSQfr5odTSpJpXuI5/GCKisGzQl8QqTKgVuCLVwMTc4RBnh8FVG4eGJzn0QJY+pJLNJK7f5ot6zqLB6jmO7oHhO0sl1z/9leC3DOQ8dXxGlUObff04tpbN1Mdbi/zpil2XZMdmIwe9XQwNzANP5on4PBubryU9N9flSqlS1VwKYONh5l5R8g9UkS7ztxz2n944ElP/2SvfOBz3YISoejhsO/gsFyAA+E7OIc+zp2qGFx4r2M8DXfPYBbz60JmkNl+rC2ynh/r0q38+Fb3PeOIcILJ5bo7kvqI6QLjYcu2/o5F0VvlO+MEMlQo5vrjAlze0q/szx5WJ1dkOSglgDlTqOVEn2wNbvmv1THS37YpOt2KuENYMr84sVo3pBmDxVFWEPa+97L0vFE6pYpHxN2Oia/aosurc8UdAlmYDDUGgapUQRMiHpwEY95BqyNrWo7HEfgjJQAMIRLe6kmkWYuPjw1kE6UoF4=
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:OS3PR01MB5686.jpnprd01.prod.outlook.com; PTR:; CAT:NONE; SFS:(376002)(136003)(39850400004)(346002)(396003)(366004)(26005)(5660300002)(16526019)(36916002)(2616005)(6486002)(8676002)(478600001)(186003)(8936002)(6666004)(83380400001)(2906002)(52116002)(66574015)(956004)(31686004)(786003)(316002)(110136005)(16576012)(4326008)(31696002)(53546011)(66946007)(66476007)(86362001)(66556008)(45980500001)(43740500002); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData: QCxv5SsyzAP6UwvaXlNQCQHBqfs7GXYHT7Wz9IWxet4mNBtVVnPJKSu8hbjfqd4E46jydCAcCbYF+Iv5wqI9IrwKi5JtLgoR9n5/KMXXT4xVMHoK1hE2Po8hgIn9bFjXcz2MvXfxJ36T+hrCnmSjXTjCue+nToLQFIO6tkN4XlC4YTYDPlu0z5EB08Ohg1phV9Y3WJzgog+AxILtJyAwDrXmkgJG/TIfxft5QblHN63tnbL325eNcAvOYDQgjzMCFi4JGELWFeNjJacAeTTBIUEsvz1qrcm2Qa5V5dK1ZMV+CpiKSWCbAEqV8I2/YMpIRvDdkzJZkIXLgC4kqzAUSiEt+HUC7IEg7MyILupF3lCagUzRAi/x+qWOxtEtTKyP89lXlIEBe0A++TTVHcSIGAaQd4ZBQ34mC3nk86rWbc1YNSR+vgh9m86jHdsIzGtAXYwZc7scs4WlweKtEII64Athr1hBkABW9WEgATUBvRKOeA3u6yHiQ/eWxkxx55E+lw63WAFkbpkDBku06xLgL6OnVVC2aGf1eiNPCY2XR+q0KK6Wvg38jlItSmK56xTfXDTaaBwYaNYjuSUXf6GZ9mJ3mKLzvjJs2bvVovIRevLpGHlsmWj2ym8o/FWsOmb4zj4yv0sdwOapGybJNP3d2rXS7ABTmo6pRxT/5fNDAdWjOqkMrBdu9Bwgj9hcvvmgdeZqef+PKQ2qw8YIqqnFGV8cxhtqffPSIvs04fRUHJwH0MYvtL2OVdbGH2bxUB0iIoixv06kYIaP5sdo1jiG/pNh2hg7Kry4RA32n8tkxTWceJ6yVornIYXYPs3shMB2Q4oc4o6bvd+KBnlHQ3q/pK/1c8lEM7CfdsbQK1NeFN7URySGEblcPnaYyYGP0v2LWN6YZvdkTAwr88G6j7zQnFkGoYjNqrQH9PgFJ6ElfThxknxqMG323XUZTh5bG26OVVLU9uCnFhJT+wc0Ct+sKS+G0dbcbVVfs5yPKF6a6fdqTJ25+sDQUMkHyHm40MAr
X-OriginatorOrg: it.aoyama.ac.jp
X-MS-Exchange-CrossTenant-AuthSource: OS3PR01MB5686.jpnprd01.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jan 2021 11:17:11.9499 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: e02030e7-4d45-463e-a968-0290e738c18e
X-MS-Exchange-CrossTenant-Network-Message-Id: 58eb5008-a87d-413e-1482-08d8b2fdc7ba
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: q8ol6Qi/droDNS8WPLtYCPg2QZMM0ps60bRV5t1Ftt42IDDwf5WG3bRTSsdqUM+Zpo/nQYrrVVxKSsKz8nwAZQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: OSAPR01MB5154
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/f-gTvLk4Jl8vPiqG_aqSwyUJ19o>
Subject: Re: [core] [Last-Call] Iotdir telechat review of draft-ietf-core-dev-urn-09
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Jan 2021 11:17:17 -0000

Hello everybody,

On 07/01/2021 10:00, John C Klensin wrote:
> Russ, Barry,
> 
> Another small catch...
> 
> --On Wednesday, January 6, 2021 13:41 -0800 Russ Housley via
> Datatracker <noreply@ietf.org> wrote:
> 
>> Nits:
>>
>> Section 3.2 says:
>>
>>     However, due to the SenML RFC 8428 Section 4.5.1 rules, DEV
>> URNs    do not support percent-encoding.
>>     
>> This does not seem like a "however" statement to me.  Perhaps,
>> it is a "Note that" statement.  Or, just drop "However".
> 
> Sorry I, or someone in the URN registration review process,
> didn't catch this, but I think it is a little more complicated
> than a nit.  When what became RFC 8141 was being developed,
> several people made very clear to the WG that there was no
> possible way for a URN specification to make an exception to the
> syntax rules for URIs, including the rules about
> percent-encoding in Sections 2.1 and 2.4 of RFC 3986.  I can't
> speak to what the URNBIS WG would have done had it been allowed
> to consider the options that might have been opened by
> developing different requirements for locators and names and, in
> particular, whether any such changes would have affected
> percent-encoding.   However, it was painfully clear that no URN,
> much less any particular URN namespace definition, can alter
> those rules.

John is completely correct here, many thanks for spotting this. Please 
also note the sentence

"The lexical equivalence of the DEV URNs is defined as an exact and
case sensitive string match.".

Apart from the fact that this would be better written as "an exact case 
sensitive string match", lexical equivalence has to take into account 
percent-escaping. That means that e.g.

urn:dev:mac:0024beffff804ff1 and
urn:dev:mac:0024beffff804ff%31

are equivalent. I'm sorry I don't have the time to read the whole spec; 
it would be good if some of the authors went over it again with a fine 
comb after rereading RFC 3986 and understanding how percent-escaping 
works. If they have questions, the URN mailing list (urn@ietf.org) or 
the URI mailing list (uri@w3.org) would be the best places to ask for 
advice.

Regards,   Martin.

> At this point, the most obvious option would be to change the
> statement in  draft-ietf-core-dev-urn to note that the RFC 3986
> rules apply and explain (inline or by reference) how
> percent-encoding works.  Such a statement might explain that,
> given the characters permitted in RFC 8428 Section 4.5.1,
> percent-encoding should never be necessary within a DEV URN.
> However, because the list in 8428 includes characters that are
> defined as "Reserved Characters" in Section 2.2 of RFC 3986,
> notably including ":" and "/", the possibility of their being
> percent-encoded by some process allowed by 3986 cannot be
> eliminated.
> 
> Other alternatives involve updating RFC 8141 and 3986, but I
> wouldn't recommend going there, especially if the CORE WG would
> like to see the current spec published in 2021.  The narrowest
> of those updates would be to change the rather relaxed-sounding
> language of RFC 3986 Section 2.1:
> 
> 	"used to represent a data octet in a component when that
> 	octet's corresponding character is outside the allowed
> 	set or is being used as a delimiter of, or within, the
> 	component."
> 
> To say that percent-encoding MUST NOT be used unless actually
> required, but I'd guess that would not go over well with
> existing implementations.
> 
> Or, I suppose, the IESG could decide either that 3986 does not
> count or that an interpretation that disallowed URN namespaces
> prohibiting things that it allows is incorrect.  But someone
> would probably take that as a commitment to allow a revision to
> 8141 that would codify the options that would imply.
> 
>       john
> 
> p.s. This not being spotted earlier may be a contribution to the
> discussion that is now occurring on the IETF list of early
> cross-area review and how important it is to facilitate, rather
> than discourage, such reviews.  Or not.
>

v2.23.0 | Report a Bug | By Email