Re: [fdt] [Cacao] Public Comment for CACAO Draft

Carsten Bormann <cabo@tzi.org> Tue, 15 December 2020 07:52 UTC

Return-Path: <cabo@tzi.org>
X-Original-To: fdt@ietfa.amsl.com
Delivered-To: fdt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 32ECA3A0D3C; Mon, 14 Dec 2020 23:52:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.003
X-Spam-Level:
X-Spam-Status: No, score=0.003 tagged_above=-999 required=5 tests=[RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RNLkpnYyI_4l; Mon, 14 Dec 2020 23:52:45 -0800 (PST)
Received: from gabriel-vm-2.zfn.uni-bremen.de (gabriel-vm-2.zfn.uni-bremen.de [134.102.50.17]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4D7703A0D2D; Mon, 14 Dec 2020 23:52:44 -0800 (PST)
Received: from [192.168.217.118] (p548dca87.dip0.t-ipconnect.de [84.141.202.135]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by gabriel-vm-2.zfn.uni-bremen.de (Postfix) with ESMTPSA id 4Cw9Tk3KM4zyVR; Tue, 15 Dec 2020 08:52:42 +0100 (CET)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\))
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <1493.1601060690@localhost>
Date: Tue, 15 Dec 2020 08:52:42 +0100
Cc: Bret Jordan <jordan.ietf@gmail.com>, cacao <cacao@ietf.org>, cbor@ietf.org, fdt@ietf.org
X-Mao-Original-Outgoing-Id: 629711562.006294-7a17c1d2e0b8cf7eae8dd8288ff70866
Content-Transfer-Encoding: quoted-printable
Message-Id: <6DCC3CC5-3906-47E4-8186-C419518B0951@tzi.org>
References: <F72C1EB3-CFC6-4E4D-AB5E-1AB2A83B7311@gmail.com> <1493.1601060690@localhost>
To: Michael Richardson <mcr+ietf@sandelman.ca>
X-Mailer: Apple Mail (2.3608.120.23.2.4)
Archived-At: <https://mailarchive.ietf.org/arch/msg/fdt/Xvpb_RaKmZgJ7mbvBhdKkY52_-k>
Subject: Re: [fdt] [Cacao] Public Comment for CACAO Draft
X-BeenThere: fdt@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Mailing list for the discussion of the use of formal description techniques in IETF documents <fdt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/fdt>, <mailto:fdt-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/fdt/>
List-Post: <mailto:fdt@ietf.org>
List-Help: <mailto:fdt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/fdt>, <mailto:fdt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Dec 2020 07:52:49 -0000

On 2020-09-25, at 21:04, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
> > HTML: https://docs.oasis-open.org/cacao/security-playbooks/v1.0/csd01/security-playbooks-v1.0-csd01.html
> I found having section 2 full of data types at the beginning a bit jarring.

With little mistakes such as

> signed 54-bit value ([-(2**53)+1, (2**53)-1]), […] as defined in [RFC7493]. 

or the empty description column in 2.1.4 (which creates serious work if you try to fill it in).

(What was the variable name syntax?)

Seriously, I don’t expect application layer specifications to get all these details right.
The draft makes pretty good use of the limited vocabulary that it has.

It would be an interesting exercise to write this up in a more actionable way.
Or, maybe write a draft that provides vocabulary that can be used by a draft like this.

Grüße, Carsten