Re: Roman Danyliw's Discuss on draft-ietf-httpbis-header-structure-18: (with DISCUSS and COMMENT)

Matthew Kerwin <matthew@kerwin.net.au> Wed, 20 May 2020 23:25 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B26803A08F9 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 20 May 2020 16:25:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.648
X-Spam-Level:
X-Spam-Status: No, score=-2.648 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wL9msV5XD6Sb for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 20 May 2020 16:25:17 -0700 (PDT)
Received: from lyra.w3.org (lyra.w3.org [128.30.52.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DBF803A08F6 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 20 May 2020 16:25:16 -0700 (PDT)
Received: from lists by lyra.w3.org with local (Exim 4.92) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1jbY2R-0001wz-FR for ietf-http-wg-dist@listhub.w3.org; Wed, 20 May 2020 23:22:15 +0000
Resent-Date: Wed, 20 May 2020 23:22:15 +0000
Resent-Message-Id: <E1jbY2R-0001wz-FR@lyra.w3.org>
Received: from titan.w3.org ([128.30.52.76]) by lyra.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <phluid61@gmail.com>) id 1jbY2P-0001wE-Lg for ietf-http-wg@listhub.w3.org; Wed, 20 May 2020 23:22:13 +0000
Received: from mail-il1-f177.google.com ([209.85.166.177]) by titan.w3.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from <phluid61@gmail.com>) id 1jbY2M-0005dV-T8 for ietf-http-wg@w3.org; Wed, 20 May 2020 23:22:13 +0000
Received: by mail-il1-f177.google.com with SMTP id j3so5063216ilk.11 for <ietf-http-wg@w3.org>; Wed, 20 May 2020 16:22:10 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=vrlxXwx6nm0g48HJP1rOTgeEBm/XnBbJjeJdGhRuc74=; b=Z8f/g327rcP0Y1gs4ZlZNSxca1dDwsy3GCRF4Rf5HTWm06UNQrfZmnR9uS1geX26UA 7TyXFPq3iJXhDavR42sku6m+O5rr74DGK/3af5WVlITJ48Sphq174ikV38jSqBtX+L0d N7lFg1CV9Hr5k0RFSj8CDzDs0ZAlbeLFLCa1P1tOJzHWDr8fdWahLEh4Cr87gcu/fLK7 Gtz1X/tr1pmVnxALmCLPHVAJdB2J6yiCkzc+C77RaVkw9GppYRkdE36JIZucg/qEjoVI rrRhevvrHcKkOBU0WWaAwSFurVMfPpZuYapiLJ7Usd3TgPfiyjs2Vi+hGj9AtSZckUJQ 806Q==
X-Gm-Message-State: AOAM530IYFEBUYvTo2H+Y2t4F83Mdm1AEToZYZvANzhBXtXe3Uts1c0p 4hKLZ981OTlg1ipeGmR16eDyB/tSC8AwVzc8O6s=
X-Google-Smtp-Source: ABdhPJxSMtCdmm5ApLZ3KjHS2SRcNGg/BPfo2Ze35TUCU3J4EUNIRwGZ9CQTC5bjBZ0t6eTTwLrAxKTR5Ss0qyoAs28=
X-Received: by 2002:a92:d182:: with SMTP id z2mr6272163ilz.47.1590016918906; Wed, 20 May 2020 16:21:58 -0700 (PDT)
MIME-Version: 1.0
References: <159000658355.8322.2397398340757603474@ietfa.amsl.com>
In-Reply-To: <159000658355.8322.2397398340757603474@ietfa.amsl.com>
From: Matthew Kerwin <matthew@kerwin.net.au>
Date: Thu, 21 May 2020 09:21:50 +1000
Message-ID: <CACweHND4hwaQCE0yA=Y_nC11vTVGp2PdoJgmcin6Jz89jrJ9OQ@mail.gmail.com>
To: Roman Danyliw <rdd@cert.org>
Cc: The IESG <iesg@ietf.org>, draft-ietf-httpbis-header-structure@ietf.org, httpbis-chairs@ietf.org, HTTP Working Group <ietf-http-wg@w3.org>, Tommy Pauly <tpauly@apple.com>
Content-Type: multipart/alternative; boundary="000000000000a36f1a05a61ca9a6"
Received-SPF: pass client-ip=209.85.166.177; envelope-from=phluid61@gmail.com; helo=mail-il1-f177.google.com
X-W3C-Hub-Spam-Status: No, score=-3.1
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FORGED_FROMDOMAIN=0.25, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: titan.w3.org 1jbY2M-0005dV-T8 7fd5b495862956fd3ad87ad22a34a65a
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Roman Danyliw's Discuss on draft-ietf-httpbis-header-structure-18: (with DISCUSS and COMMENT)
Archived-At: <https://www.w3.org/mid/CACweHND4hwaQCE0yA=Y_nC11vTVGp2PdoJgmcin6Jz89jrJ9OQ@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/37687
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <https://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On Thu, May 21, 2020 at 6:36 AM Roman Danyliw via Datatracker <
noreply@ietf.org> wrote:

>
> (I appreciate that this is pseudo-code which has inherent ambiguity
> sometimes,
> so please let me know if I've interpreted it in an unintended way)
>
> ** Section 4.2.6.  There appears to be an inconsistency here in my reading
> of
> the algorithm given the ABNF in Section 3.3.4
>
> -- Let’s assume of token of input_string =“*foo”
>
> -- Step 1: pass since input_string[0] = “*”
>
> -- Step 2: Set output_string = “”
>
> -- Step 3: pass since input_string[0] = “*”,
>
> -- Step 3.1: input_string[0] is still “*” and not a tchar, “:” or “/”
> causing a
> output_string=”” to be returned
>
> This doesn’t seem correct.
>
>
tchar contains "*" <https://tools.ietf.org/html/rfc7230#section-3.2.6> so
step 3.1 passes.


> ** Section 4.2.7.  The parsing guidance doesn’t follow for me given the
> ABNF in
> Section 3.3.5.
>
> -- Let’s assume input_string =
> “:cHJldGVuZCB0aGlzIGlzIGJpbmFyeSBjb250ZW50Lg==:”, the example in Section
> 3.3.5
>
> -- Step 1: pass since input_string[0] = “:”
>
> -- Step 2: Set input_string =
> “cHJldGVuZCB0aGlzIGlzIGJpbmFyeSBjb250ZW50Lg==:”
>
> -- Step 3: pass since the last character of input_string is “:”
>
> -- Step 4: Set b64_content = “cHJldGVuZCB0aGlzIGlzIGJpbmFyeSBjb250ZW50Lg==”
>
> -- Step 5 says “consume the “:” character at the beginning of the
> input_string,
> but there is no such character.  It was discarded in Step 2.
>
>
By the time we're at step 5 we've discarded the first ":" and consumed the
b64 data, so the first character of input_string should be the final ":".



>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> ** Section 4.1. Reading steps 1 – 6 like pseudo-code, if Step 1 is true,
> output_string will be undefined in Step 6.    There needs to be a step 0
> which
> reads “Let output_string be an empty string” or Step 1 needs to explicitly
> initialize output_string.
>
>
Either "do not serialize the field at all" means abort the algorithm at
this step, or emit an undefined value at the end. Your choice.


> ** Section 4.1.8.  Per Step 1, “If input_bytes is not a sequence of bytes,
> fail
> serialization”, what input wouldn’t be considered as sequence of bytes?
>
>
UCS-2 is a sequence of 16-bit integer values.


> ** Section 4.2.  An algorithmic style nit.  In Section 4.1, the text used
> an
> “IF x ELSE IF y ELSE IF z ELSE fail” convention.  Here the text is a
> series of
> simple “IF x; IF y; IF z; …” statements.
>
> ** Section 4.2.  Editorial.  In step 8, s/Otherwise, return output./Else,
> return output./
>
>
Cheers
-- 
  Matthew Kerwin
  https://matthew.kerwin.net.au/