Re: [dtn] [EXT] Re: IPN update text-form and CBOR-form parity with allocator zero

["Birrane, Edward J." <Edward.Birrane@jhuapl.edu>]

Rick,

  My read on this is that the decisions around how we textually represent the default allocator and encode them in the 2 and 3 element case are all fine as-is. No changes to sections 4 or 6 or appendices b or d are needed.

  I think there is a typo in appendix a which Brian found and needs to be corrected. Appendix a needs to allow a zero allocator id to be compliant with the text in the rest of the document.

-Ed

Sent with BlackBerry Work
(www.blackberry.com)


From: dtn <dtn-bounces@ietf.org<mailto:dtn-bounces@ietf.org>> on behalf of: Rick Taylor <rick@tropicalstormsoftware.com<mailto:rick@tropicalstormsoftware.com>>
Date: Sunday, Apr 07, 2024 at 6:58 AM
To: Brian Sipos <brian.sipos+ietf@gmail.com<mailto:brian.sipos+ietf@gmail.com>>, dtn@ietf.org <dtn@ietf.org<mailto:dtn@ietf.org>>
Subject: [EXT] Re: [dtn] IPN update text-form and CBOR-form parity with allocator zero

APL external email warning: Verify sender forwardingalgorithm@ietf.org before clicking links or attachments


Thanks Brian,

A good comment.  We prevaricated about whether the leading ‘0’ for the Default Allocator was permissible in the text representation, or whether it MUST be omitted.  It sounds like we went with the wrong choice.

I’ll have a good look at the impact of relaxing the MUST to SHOULD, but it sounds like the right way to go in light of your comments.

Update incoming ASAP.

Cheers,

Rick

From: dtn [mailto:dtn-bounces@ietf.org] On Behalf Of Brian Sipos
Sent: 06 April 2024 23:13
To: dtn@ietf.org
Subject: [dtn] IPN update text-form and CBOR-form parity with allocator zero

Authors of ipn-update draft,
There is a nuance to the text form specified in Appendix A [1] that prohibits a zero-valued allocator component so that the zero-allocator can only be represented by the two-component text form. This is in contrast to the CDDL definition in Appendix C which does allow a zero-valued allocator component.

A side-effect of this is that there is not a one-to-one correspondence between text-form and CBOR-form EIDs. Certainly the semantic meaning is the same between a zero-allocator three-component form and the two-component form, but the lack of exact correspondence means that a trivial transcoder needs to have some special cases for this situation. This can be seen in the discrepancy between EIDs present in Appendix B.1 vs. D.1 and B.3 vs. D.3. It also means that not all IPN-scheme EIDs can be written in a three-component canonical form.

Because of this, it is possible that a CBOR-to-text-to-CBOR conversion will lose information and the output will be different than the input. This will have implications for things that require guarantees about re-encodings such as BPSec processing.

I think a simple change in Appendix A from

allocator-identifier = non-zero-number
to

allocator-identifier = number
will resolve this in a way that probably is compatible with existing three-component EID codec implementations anyway.

This also calls into question the single statement in Section 8.3; there should probably be a stronger security statement and a requirement that implementations must preserve the component count when transcoding IPN EIDs.

Apologies for this late feedback, but I think it will avoid a subtle security issue and potential user headaches.

- Brian S.

[1] https://www.ietf.org/archive/id/draft-ietf-dtn-ipn-update-10.html#appendix-A