Re: [Iot-directorate] [Last-Call] Segmented strings (Re: [Rats] EAT profiles (was Re: Iotdir last call review of draft-ietf-rats-eat-13))

Jeremy O'Donoghue <jodonogh@qti.qualcomm.com> Fri, 10 June 2022 08:15 UTC

Return-Path: <jodonogh@qti.qualcomm.com>
X-Original-To: iot-directorate@ietfa.amsl.com
Delivered-To: iot-directorate@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6DFBCC157B5A; Fri, 10 Jun 2022 01:15:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.31
X-Spam-Level:
X-Spam-Status: No, score=-4.31 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, GUARANTEED_100_PERCENT=2.699, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=qti.qualcomm.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4HW5Xrj3GYCJ; Fri, 10 Jun 2022 01:15:19 -0700 (PDT)
Received: from esa.hc3962-90.iphmx.com (esa.hc3962-90.iphmx.com [216.71.140.77]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7493EC157902; Fri, 10 Jun 2022 01:15:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qti.qualcomm.com; i=@qti.qualcomm.com; q=dns/txt; s=qccesdkim1; t=1654848919; x=1655453719; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=iBTzxqis3DymO2mNsIpMpSzFENgZUa0Zgy6Dmk7HkeQ=; b=GKgzrj2V3zSiMBY7bgMxbMLcct4ZdLrQDzCSQI77TAN9SWIkT+hyjIU/ REEdHMT0HCPLVBAng5wYF94iaBu0KjYZHXjznj6m5MDinWCZisYnDzi8u Ostv+EqHvfyVTgY+FwMhMl9tphXttNd6/YXREZrnyPbCjodqw1CT2/3ZG I=;
Received: from mail-bn1nam07lp2040.outbound.protection.outlook.com (HELO NAM02-BN1-obe.outbound.protection.outlook.com) ([104.47.51.40]) by ob1.hc3962-90.iphmx.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jun 2022 08:15:16 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mjKtxY+47U9aK2SKx3bjy1p5CWAeh3WMY3ORt5HJwkXyApm4KtEbV4/GGHV2srFJhMCmc2pmCMRgHOGeE1UsCc/gTBP1gCWPln8+c1HIhdU/HYDGFL9ivlLKKaf+TzYHAny3GQMgl0DgJRPg4WXVv4YpswEPY+ShulV5tpSdY0wHQmWtQlYNMhQWgrdpAdnhjCW3KGP8eCOgH7m06mDNs6PCK2m62v8LPpITKdjPfYP0X190CZidgvIWNrdfliE1Epeci9VbfqaYjyxh60fYdKMTqQE+fyTHzL4g5KFUZJmtnGTWMhEzvccV/Ik2hh6sc8PeOGkIg57Zr8TdK3uNag==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=iBTzxqis3DymO2mNsIpMpSzFENgZUa0Zgy6Dmk7HkeQ=; b=QTfiJ9BWhA4dPltRKtElDp9kEHLqkbhQRSiYJBwHoNTVOrLrw8+d/ZpOZqHWLswgVpTXwFzTstNcOZVmUEwbz5IzggBl0wGPTLiezaYlbRDQpCkMrsIhqFG7bYNNYviZZCNfBK3J9eH2bIVM11bY9wGR1HJ34zdyMmwPavwbutovzALMBypexm9enb+KgFoSG4FBBx//yZKxxsuZoduhcqp1yiBIkMvh6s9qzcH843MHH2QhY+cmj0+G95hQpkfl/5jrLDtKpdIsAn2+yWP3qx4abXh/a0oU3S5HxCwQUOr/Zgf1BDh11u5Uy6poFZaNm4uFMAjBKDW3CbEjfFVGUg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=qti.qualcomm.com; dmarc=pass action=none header.from=qti.qualcomm.com; dkim=pass header.d=qti.qualcomm.com; arc=none
Received: from PH0PR02MB7256.namprd02.prod.outlook.com (2603:10b6:510:1a::23) by MN2PR02MB6255.namprd02.prod.outlook.com (2603:10b6:208:1b9::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5314.15; Fri, 10 Jun 2022 08:15:13 +0000
Received: from PH0PR02MB7256.namprd02.prod.outlook.com ([fe80::8823:f13d:bc:e328]) by PH0PR02MB7256.namprd02.prod.outlook.com ([fe80::8823:f13d:bc:e328%9]) with mapi id 15.20.5332.014; Fri, 10 Jun 2022 08:15:11 +0000
From: Jeremy O'Donoghue <jodonogh@qti.qualcomm.com>
To: "Martin J. Dürst" <duerst@it.aoyama.ac.jp>, Laurence Lundblade <lgl@island-resort.com>, Carsten Bormann <cabo@tzi.org>
CC: Eliot Lear <lear@cisco.com>, "iot-directorate@ietf.org" <iot-directorate@ietf.org>, "draft-ietf-rats-eat.all@ietf.org" <draft-ietf-rats-eat.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>, rats <rats@ietf.org>, "cbor@ietf.org" <cbor@ietf.org>
Thread-Topic: [Last-Call] Segmented strings (Re: [Rats] EAT profiles (was Re: Iotdir last call review of draft-ietf-rats-eat-13))
Thread-Index: AQHYfJZ3oN2Ii5XupU+sZynmyRk5TK1IRIar
Date: Fri, 10 Jun 2022 08:15:11 +0000
Message-ID: <PH0PR02MB7256F46500F5AA6D859489F8F2A69@PH0PR02MB7256.namprd02.prod.outlook.com>
References: <165443386776.35361.12898474920348394274@ietfa.amsl.com> <E267AEDE-D1DB-415B-B28F-DD78A517D27A@island-resort.com> <A38F37B7-2E81-451F-86BA-0A041760EB7E@tzi.org> <9E4661C8-DFB7-4BC3-A7B5-150C774917F0@island-resort.com> <8C044EB7-92CF-4306-9025-FD667E1B0F22@tzi.org> <B7C27559-92B6-4426-821B-431A08341C72@island-resort.com> <6CDA1CA0-A59A-4ED7-903F-0B6829F08075@tzi.org> <AC2E17A1-52E7-455F-8959-091D58AA291F@island-resort.com> <9a938d66-55b9-c4e4-a5cf-0d655a90fcbd@it.aoyama.ac.jp>
In-Reply-To: <9a938d66-55b9-c4e4-a5cf-0d655a90fcbd@it.aoyama.ac.jp>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=qti.qualcomm.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 1ae2da9f-bc54-4502-e2f1-08da4ab956fc
x-ms-traffictypediagnostic: MN2PR02MB6255:EE_
x-microsoft-antispam-prvs: <MN2PR02MB6255E54294B4AB899DC13B07F2A69@MN2PR02MB6255.namprd02.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: evCPqhyF2/cLWhcOW/x5uCUHOxpST8BRSshuLRi+9yXYKQ027VMl4tlQp0eqAjcs3yU4qqTIPvRZ2mGmrxwaAwTxc2ztsGQOhmW4mayC3R6WTmlHRaJCGDcT7GyBndYGf99UuoSzF4lnJDOvNlnsR8ylMlb3G6OCSDA09qjOE+UoVj1I5ggZpjoSa29+HuNK410T4Phz4MUBASYkD0+SEcqbsyqrdYYNwwR9bDh0q4/6kjabjh+XmZYAmZS/elycnPU3fP7h54C4GXLk4/KXu4GA8zWO8QPZumPmvzig6aT8k1qnkJ3VBUV12PPKr/ETxbECKgtw++OziFFmqi3cui6E0qr914FEXhJ79hzpE37bqjpo4JGqQB51uhMQGx3/32Z79wylNB7rSxic6hsdRQuvdNRmc+b95/TaOBo/ooJ0Mxm+jFKtaZbOtJxb2z8jPasq1PUgeExuDvxf07jzEzYHFkUDTkOnH1UZJQ54ChruJZjHLSDgF2ZUl77jdT6PlcezYOVG7xyxvv5SW8vzKc5Qed3ZqPUlEZRJHvT/u2kfjSEJmDZtzldFvKxzSxLQOFQVOodEEBUj+bM5uJ6BFVN7txYW7k2g4mvsu1MdQ3k07xnOwaP9v/jGJcP1kpwIgBk0LKwXeBI5o0B+VB0+oHs5/0EserGqKAZjzumPpAUcfjReprN3JB48KBUg9HRYiaocHbQ7StnbfX9q89+/HC6zCAlIXGdF3npi27nJABQ=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PH0PR02MB7256.namprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(66446008)(38070700005)(64756008)(7696005)(76116006)(53546011)(122000001)(5660300002)(9686003)(26005)(4326008)(66476007)(66556008)(91956017)(2906002)(8676002)(54906003)(66946007)(186003)(38100700002)(83380400001)(55016003)(6506007)(316002)(110136005)(66574015)(71200400001)(86362001)(52536014)(8936002)(508600001)(33656002)(6314003); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: gG8BoFkYl5sUKuXz0abY0PK5hmA9O2lT1FJEOU9cx45cbmRsxDrfhlFwToCjWMX3E+NAIJwuGiDJItjZPYGtHBTEptPb4q4tNq77gkcMyPHAX89BkjyYjsFEP5lS5i7W/nmbz7RT9udJTC6D5NZCCfzOjNpVi3xdPkLA7PSXgI8IquNMNpJLcND51KHbwnSTPTzMNREvEtkZELANbJD0K5Vr3m/6ihy5AgU9UAaF8GKitXHPbpUywG2odp720tWJgB1IeVxfEYEOvMefd5hMYmOOp5oKCQhCRLQfjnH9fDE8zep4Vs4MpXpWRUCAf/1hFOouG96yRwBd5DYiqWSo78Feuyv5XlO0wDgdop5AjRfz9lJ68gUC9B+aEM/OsMyIcgw88arHKjV1uhSmQEoN2tWVB6vmg7Ql0m49bdhkfZ6EzHN9SK3HK0Jb4xf4Ob+RjctKXdpocbc9F8ChjAfqEzU8i73Rx7yAgVjq9ltXK2qGU3y0+CBCyecRt2ljDQVnJoEacJbo+cujJHfZba3r4Pu4aoFhj1ZemM+NeWbzcBUCpv5xtH+6x5CEWAf+/pu+ceTKLeK0SU53k72QZbiZaujxc856CQLvKjWKUYwP8PrHk9crionH3aYBzeBHV427iL3ewvQpOoIVCAv77XfHB15i+FZS/kULimZGccMjjjvVjWNCwApugrJmL5CV8L5BI0chAICr7NRXF6UUs6oL7+/F0rMl+mPmk4vwg6SI0w6hmcq/m0yHQBwYj3wtc85P/GryPBGTWpm14JHsQd0CaZYHF6VET3/Gxa+zMMyNA7h9ohDbEp3Uq02M3N62iLKWEAP3Tj+c1/CQMsTOXj+SaUXxZFlPJ45eeabD0WGNbmu/th0jNtWCIR15FSXY91/VerS0TVi5suLNHWWqR0RwS19GVNLLIrBZAKeZ7GTe5E1ttXZ87zFlGHJREQYyOc4X9iQ/qbM5zXQ/cfIChfL52dkgb/rtAY7WCUynxmBlJa5DjfRz3bauQTbKNf+ACDPc7OE74V4yicThVvIjudWkBljhPaEJ9xX2gImZ1vsXBH7r4ym3Bfj+YfRCIl4hyl59cLIA2xVqmUEDgt8GLqORHy8U3a0hMZH80fRg1Lh51LjUTtFDpUA+hiUduJMg8X2oQCnY3J3WnR/JAtWpGRRBgcAryj9EXAe1ICXBrtfgE2bTaZXOJS3tq6TnhX1X2YxnyajNMEIm+/l019BnHGqv0TLaivAKEkBCMBFNXmg+w5uJ40OW7QCt2ARyZaC+uJufl/ttFSIuASzgB+reoaAHUqmsDIpLPudNPnas/q6YPFplxdbqE+h9tUTyH9PTjHu2wCrh2hDjbUQm77vBFediPqlKW0dSlaHus7G6vC40yf5jY0+WljFAVOz2BFAxZwXGypALzj/VeEbCNW7p24Xocukgimmnc/LA9YOz/IGwjAwDxrIo7JtGUwoAyyKd+OsLkz7RXHyD/vTXusuxw0kyJggy5w07E9hOPdaecazrpAdjDLzeVyOQeOJmeQPpgA3Apz0YcgQWir97bDYmGXTv/tvArkEZyqgG21M2XHI8sKZ6YDf58tnDpE8iM+rihPprp+dtn6NuNKaHCxdUoFvmwTr5R7y75CsYvM2Cnsq/AKE44G04oTjzNq86kTqYs0wE4wgPbqRlFn4UP41i6Uzg0+2+7v796JUwtmG2Sd5RlOnsEcR5t0O20jevXVqg5m576kpud0BRECOWHWHQ3yrCekYDrZzPkiLTQsTFEwSAxBgoQDXuE1sA5C4tzIDGlVmC
Content-Type: multipart/alternative; boundary="_000_PH0PR02MB7256F46500F5AA6D859489F8F2A69PH0PR02MB7256namp_"
MIME-Version: 1.0
X-OriginatorOrg: qti.qualcomm.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH0PR02MB7256.namprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 1ae2da9f-bc54-4502-e2f1-08da4ab956fc
X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Jun 2022 08:15:11.5009 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 98e9ba89-e1a1-4e38-9007-8bdabc25de1d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: j0+Aok/XXsnrcffxu/mUbuadoK1zk3aoQVFpRaM+aMTfrcr3oDH9QYdEAy4r/PHa+DSCMO0J+wAo/MZMHo31Sejn3ztys2XfM3DN4rZIdUk=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR02MB6255
Archived-At: <https://mailarchive.ietf.org/arch/msg/iot-directorate/5dQEjjKHh4WMj1S6Ua_cCJsp7Sg>
Subject: Re: [Iot-directorate] [Last-Call] Segmented strings (Re: [Rats] EAT profiles (was Re: Iotdir last call review of draft-ietf-rats-eat-13))
X-BeenThere: iot-directorate@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Mailing list for the IoT Directorate Members <iot-directorate.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/iot-directorate>, <mailto:iot-directorate-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/iot-directorate/>
List-Post: <mailto:iot-directorate@ietf.org>
List-Help: <mailto:iot-directorate-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/iot-directorate>, <mailto:iot-directorate-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Jun 2022 08:15:23 -0000


On 10/06/2022, 07:51, "Martin J. Dürst" <duerst@it.aoyama.ac.jp> wrote:

WARNING: This email originated from outside of Qualcomm. Please be wary of any links or attachments, and do not enable macros.

Hello Laurence, others,

On 2022-06-10 04:57, Laurence Lundblade wrote:
>
>> On Jun 9, 2022, at 12:30 PM, Carsten Bormann <cabo@tzi.org> wrote:
>>
>> On 2022-06-09, at 21:17, Laurence Lundblade <lgl@island-resort.com> wrote:
>>>
>>> One person legitimately implements sending EATS with  segmented strings  Another person legitimately implements without being able to decode  segmented strings.
>>
>> Well, an implementation that doesn’t handle segmented strings may be “legitimate”, but it won’t be a complete implementation (and thus not interoperable) if you decide EAT to make no restrictions on generating segmented strings.
>
> Maybe use the term “fully conforming” rather than “legitimate” or “complete” where "fully conforming" means adherence to what is in the specification and its normative references and no more. No tacit assumptions about the way typical libraries behave or their level of completeness are required to guarantee interoperability.

"fully conforming" doesn't sound right to me. I'd expect everybody to
expect that two fully conforming implementations would be guaranteed to
interoperate.

What about "minimally conforming"? "Two minimally conforming
implementations are not guaranteed to interoperate." sounds much more
reasonable than "Two fully conforming implementations are not guaranteed
to interoperate."

[JOD] As far as I can tell from the specification, for a “fully conforming” CBOR implementation:


  *   Indefinite length maps and arrays consisting of up to 2^64 entries must be supported (and note that, as far as I can tell, there is nothing preventing every entry in an array from being a definitely encoded string of length 2^64)
  *   There appears to be no limit at all to the length of indefinite encoded strings.

There may exist hardware platforms wishing to support EAT which cannot fully support those requirements. In fact, I suggest that there likely exists NO fully conforming CBOR implementation based on the above limits (and others in the specification). Add the need to layer COSE over the CBOR and I am even more certain that the concept of “fully conforming” doesn’t really exist – at least in the absence of a normative compliance test suite that defines appropriate limits for CBOR and COSE.

Statements along the lines of “an entity capable of receiving <thing> MUST support a payload of at least <number> bytes” are commonplace. Perhaps profiles are the right place for additional restrictions, but it seems reasonable to at least discuss implementation considerations in the main text.

Since the CBOR specification also says “some applications and protocols will not want to use indefinite-length encoding”, I’d like to understand if there even exists a reasonable case for an EAT which requires indefinite length encoding. If there is not, I would be minded to explicitly exclude indefinite length items from EAT. This would address the “one person legitimately implements EATs with segmented strings” problem. I accept that this potentially deviates from “EAT is a CWT” as CWT doesn’t exclude indefinite length encoding.

Regards
Jeremy

Regards,   Martin.

> I kind of expected the IETF to harass me if fully conforming implementations of something I wrote aren’t 100% guaranteed interoperable. That during review all the nooks and crannies where there might be interoperability issues would be ferreted out.
>
> LL