IETF Logo Mail Archive

Re: [dmarc-ietf] Fwd: [Technical Errata Reported] RFC7489 (7865)

Alessandro Vesely <vesely@tana.it> Tue, 26 March 2024 12:57 UTC

Return-Path: <vesely@tana.it>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A8205C18DB96 for <dmarc@ietfa.amsl.com>; Tue, 26 Mar 2024 05:57:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1152-bit key) header.d=tana.it
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id riLqIrQlXUwF for <dmarc@ietfa.amsl.com>; Tue, 26 Mar 2024 05:57:31 -0700 (PDT)
Received: from wmail.tana.it (wmail.tana.it [94.198.96.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ECA1FC18DB92 for <dmarc@ietf.org>; Tue, 26 Mar 2024 05:57:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=delta; t=1711457842; bh=D0YDOmIU1v8qj/rc5mXZEmytQVyc5ha8PDVI/2i5JHk=; h=Date:Subject:To:References:From:In-Reply-To; b=AQm9NASCPPc1WIWlly2MEn3CJBCiJVO6lrrSd7astYTeTXkVwDilsNuKneLcLjfRM L/dkx3U1lpos3XS/K1B/7GIcqN7IYOrah5uZoXdYg2WN06z355poN9TTN08AjKbOoO Y3rhU6jp/iNZ/HeTUOL/HdckWjK1gZLTPbXiKMdl/8mNKIgReAjakVHvpRrQt
Original-Subject: Re: [dmarc-ietf] Fwd: [Technical Errata Reported] RFC7489 (7865)
Author: Alessandro Vesely <vesely@tana.it>
Received: from [172.25.197.120] (pcale.tana [::ffff:172.25.197.120]) (AUTH: CRAM-MD5 uXDGrn@SYT0/k, TLS: TLS1.3, 128bits, ECDHE_RSA_AES_128_GCM_SHA256) by wmail.tana.it with ESMTPSA id 00000000005DC0CD.000000006602C631.0000667C; Tue, 26 Mar 2024 13:57:21 +0100
Message-ID: <2b914f3d-7219-4bea-b072-490cfd7ea672@tana.it>
Date: Tue, 26 Mar 2024 13:57:21 +0100
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
To: John R Levine <johnl@taugh.com>, dmarc@ietf.org
References: <20240323185339.DA2DD85FCC3A@ary.qy> <97bdc6e7-0170-4101-8b57-2e8e7d8d72c6@tana.it> <3bfe0df7-d5c8-43e9-9e84-ba74cd1bb470@tana.it> <ada8e730-087f-3aa4-3ee3-95e93e6a3255@taugh.com>
Authentication-Results: tana.it; auth=pass (details omitted)
From: Alessandro Vesely <vesely@tana.it>
Content-Language: en-US, it-IT
In-Reply-To: <ada8e730-087f-3aa4-3ee3-95e93e6a3255@taugh.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/UyVWiMl9ahgQLgW2mLTPOnAeT5Y>
Subject: Re: [dmarc-ietf] Fwd: [Technical Errata Reported] RFC7489 (7865)
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Mar 2024 12:57:36 -0000

On Mon 25/Mar/2024 18:54:14 +0100 John R Levine wrote:
> On Mon, 25 Mar 2024, Alessandro Vesely wrote:
>>> How about:
>>> "(::ffff:)?(([01]?\d?\d|2[0-4]\d|25[0-5])\.){3}([01]?\d?\d|2[0-4]\d|25[0-5])"/>
>>
>> Testing yielded a correct fix:
>>
>>  "(::[Ff]{4}:)?(([01]?\d?\d|2[0-4]\d|25[0-5])\.){3}([01]?\d?\d|2[0-4]\d|25[0-5])"/>
> 
> There are lots of other ways to write it, e.g.
> 
>   ::00:ffff:12.34.56.78
>   0:0:0:0:0:0:ffff:012.034.056.078


The latter yields failure running the example program in the inet_pton(3) man page.  See e.g.
https://www.man7.org/linux/man-pages/man3/inet_pton.3.html#EXAMPLES

Curiously, I get:
ale@pcale:~/tmp$ ./a.out i6 0:0:0:ffff:5:6:7:8
::ffff:5:6:7:8
ale@pcale:~/tmp$ ./a.out i6 0:0:0:ffff:5.6.7.8
Not in presentation format
ale@pcale:~/tmp$ ./a.out i6 0:0:0:0:0:ffff:5.6.7.8
::ffff:5.6.7.8


> and they're actually IPv6 addresses.  Just take it out, if nobody has tried to 
> use this form in the past decade, they won't use it now.


That is not true.  We are not verifying the grammar of all aggregate reports.  It may well be that people uses those forms even if we didn't see them.

Leading zeroes can be accommodated in the regex.  The number of ways you can write IP addresses is not infinite.  Strings accepted by inet_pton() should pass the regex.  We can either fix the regex and test it, or switch to a lax /[0-9a-fA-F.:]+/.

To accommodate the formats above (except inet_pton() bugs), the first line can be:
   "((((0{1,4}:){3})|(::(0{1,4}:){0,2}))([Ff]{4}:))?(([01]?\d?\d|2[0-4]\d|25[0-5])\.){3}([01]?\d?\d|2[0-4]\d|25[0-5])"/>

In addition, to account for "::", the last line should change to:
   <xs:pattern value="::[A-Fa-f\d]{0,4}"/>


For sure the grammar needs more testing.  An example is the error element:

   <xs:element name="error" type="xs:string"
         minOccurs="0" maxOccurs="unbounded"/>

This element is inside an xs:all, where elements can appear in any order.  That model implies they can either appear or not inside xs:all.  Thus "unbounded" is not allowed.
https://www.w3.org/TR/xmlschema11-1/#declare-contentModel


Best
Ale
--

v2.23.0 | Report a Bug | By Email