IETF Logo Mail Archive

Re: [mile] Artart last call review of draft-ietf-mile-rolie-10

"Banghart, Stephen A. (Fed)" <stephen.banghart@nist.gov> Fri, 03 November 2017 15:52 UTC

Return-Path: <stephen.banghart@nist.gov>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5268113FE87; Fri, 3 Nov 2017 08:52:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nistgov.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id J6HiDPRLlc5T; Fri, 3 Nov 2017 08:52:32 -0700 (PDT)
Received: from gcc01-dm2-obe.outbound.protection.outlook.com (mail-dm2gcc01on0096.outbound.protection.outlook.com [23.103.201.96]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D1C6913FE86; Fri, 3 Nov 2017 08:52:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nistgov.onmicrosoft.com; s=selector1-nist-gov; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=hikzcf3F+HCNOtjISHszcizFusj5W6l0ET3DK7bcRNg=; b=cCi/IQIeb6S2anoWxnnTOKyOXGdR5J4OSzhKnQF46UGyqBirP+XWjaaroPINUpqM86y2rfFdF/QS/Id+fQxnKfjOqbubfu9nOgh36zig/1vv57nA/EJkm1szn/xdYXcbsdIdfmMoYNsxrmd7r+ih5yoo6R3BBx45CulRIQMsHTk=
Received: from MWHPR09MB1197.namprd09.prod.outlook.com (10.172.49.143) by MWHPR09MB1198.namprd09.prod.outlook.com (10.172.49.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.197.13; Fri, 3 Nov 2017 15:52:24 +0000
Received: from MWHPR09MB1197.namprd09.prod.outlook.com ([10.172.49.143]) by MWHPR09MB1197.namprd09.prod.outlook.com ([10.172.49.143]) with mapi id 15.20.0197.013; Fri, 3 Nov 2017 15:52:24 +0000
From: "Banghart, Stephen A. (Fed)" <stephen.banghart@nist.gov>
To: Martin Thomson <martin.thomson@gmail.com>
CC: "mile@ietf.org" <mile@ietf.org>, "draft-ietf-mile-rolie.all@ietf.org" <draft-ietf-mile-rolie.all@ietf.org>
Thread-Topic: [mile] Artart last call review of draft-ietf-mile-rolie-10
Thread-Index: AQHTQLy5EiZhxIKVNkSNg/Bn547ThKLrUSVQgACYZACAFejegIABGBVw
Date: Fri, 03 Nov 2017 15:52:24 +0000
Message-ID: <MWHPR09MB11979FC6BD45C13589C99AA5F05D0@MWHPR09MB1197.namprd09.prod.outlook.com>
References: <150752570618.18384.5615358468704377459@ietfa.amsl.com> <DM5PR09MB13070FC0B54EB6DB8C707EE7F0420@DM5PR09MB1307.namprd09.prod.outlook.com> <CABkgnnX5NVZgYtOWYMgD5yEOmdnk2GEZuyR2OLNDwbTO-BytAw@mail.gmail.com> <CABkgnnWhtGJG9Td4-9Rhv--F9pTCdnOAiRBtXL8hW8LJoOugkQ@mail.gmail.com>
In-Reply-To: <CABkgnnWhtGJG9Td4-9Rhv--F9pTCdnOAiRBtXL8hW8LJoOugkQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=stephen.banghart@nist.gov;
x-originating-ip: [129.6.251.1]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; MWHPR09MB1198; 6:m+VUSOlmFbELiBKT5j/pwejdk95B+W5/W9Q8lWM36rGDPloPEXwp1cwpqVrP94IZpcI2eqVCSnJzWu38vz1au5qvs0VwMKdZDqo9iL5X95zo21I+UVGs5r4HMWRr7tdHZJQsGiScMHIMQTVD2jAhJEpsigK/uPJ+8+SXcSOCMcP2kNBtMqZxbWmlPFFsYcds3Maeh/Qz7TFkZzpRv36s+xQxsdSW9B8sqRjYv5om0vxQxkUUFhMce9PXhASSPt7ZKtL5fBW58TM31HgHx946gq2aKZnHLxjZFdmLftYqfN+HUWSUQb3pN7un4tAt1mgStYLoAr3n7rOAmtsYjM6NMIXI+L5hH5O26S4UTMRoQt0=; 5:lGdtDGP7KTrtqx8eLu7fBOSWWWk1dWZ4xpxVEQ7IwW2yzSP8LI5UaEX3idfjl0mEr35rhF8/I2SIp14VO/DkSU9gdLTAhUkvkUDUTXJpWOBREql/uxQxb5ldAopsF+Em5h7xBsX1QJYha6H/73NGZ6c7FpcyyYhb2hNlpXn14zs=; 24:TjqkxRirAqBJsIjkoDaOOCanB5kVRR/cbtapfHRdJkHakXUhb6Lcasak1TJ4qA5G7OuCfdWRiFXSuk4LuTyUCLtV8TLb9RntjBWhGinYzjA=; 7:0druW7Umwbl0+gWGp2FjlxOXpjnxS4gZhkCBb6tiCZ/r+UFc1hrB0rMbjFv5XmhSMiv2ZnObLzGYYMugn83pNgHoH7qC0TE47VN8SW8lCb0ofMl7F4tP5UQCa9VMqbSjuyahNHpZxmPy1vKZxoWPYSbtIRMgd/yZZ4uQ2SrGrNtEpRjRj5lEc3aCiHA29FQPCrRVsIpMdbhdNmY42B4f59fwEaoV+E8WbutaUn4g+VT9Ppf9MeU7MqSl3/9dXpB9
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: 1f3c3b24-d831-4854-cc33-08d522d2e052
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(48565401081)(2017052603199); SRVR:MWHPR09MB1198;
x-ms-traffictypediagnostic: MWHPR09MB1198:
x-exchange-antispam-report-test: UriScan:(158342451672863)(65766998875637)(131327999870524)(788757137089)(100405760836317);
x-microsoft-antispam-prvs: <MWHPR09MB119896F7F45E519E02A92D2CF05D0@MWHPR09MB1198.namprd09.prod.outlook.com>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(8121501046)(5005006)(3002001)(10201501046)(3231021)(93006095)(93001095)(100000703101)(100105400095)(6055026)(6041248)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123560025)(20161123562025)(20161123558100)(20161123555025)(20161123564025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:MWHPR09MB1198; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:MWHPR09MB1198;
x-forefront-prvs: 0480A51D4A
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(346002)(376002)(39860400002)(13464003)(24454002)(189002)(51694002)(199003)(316002)(54356999)(76176999)(50986999)(9686003)(55016002)(97736004)(2950100002)(99286004)(6916009)(105586002)(33656002)(7696004)(106356001)(14454004)(229853002)(101416001)(53546010)(54906003)(66066001)(5660300001)(4326008)(189998001)(478600001)(8936002)(81166006)(81156014)(8676002)(68736007)(230783001)(3660700001)(3846002)(3280700002)(6116002)(6436002)(86362001)(305945005)(6246003)(77096006)(102836003)(6506006)(25786009)(53936002)(2900100001)(39060400002)(93886005)(7736002)(2906002)(74316002); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR09MB1198; H:MWHPR09MB1197.namprd09.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: nist.gov does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-Network-Message-Id: 1f3c3b24-d831-4854-cc33-08d522d2e052
X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Nov 2017 15:52:24.2292 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR09MB1198
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/llP0B4G8p3gkrav53jnCYvOksEM>
Subject: Re: [mile] Artart last call review of draft-ietf-mile-rolie-10
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Nov 2017 15:52:35 -0000

Martin,

Could you clarify which XML issues you mean? The rolie:format / rolie:property elements or something else?

rolie:format is necessary beyond media types for differentiating between formats that don't have their own media type, and for making clear the difference between a "media type" and a "format". Media types provide information about the serialization of content, but don't actually define the model of the content. Schemas can be used to help the parser understand the content, rolie:format provides a means to describe both the model and the schema of the content. We could solve this by providing some modified media type, but this would require just as much specification as our current solution. As an example, how would we best specify to a consumer that the content element links to an IODEF document? It's media type is XML, but there remains information that can only be gleaned  by downloading the entire content file.

rolie:property has a couple of advantages over defining the key-value pairs in XML. Defining new elements in XML is expensive. In the ROLIE core document we define 4 new properties, which would yield 4 new elements in the schema. In our Software Descriptor we define another software specific property, and we may add more as we iterate the draft. There are two other extensions in development that may add new properties as well. rolie:property provides a means to easily define new properties without generating a huge number of new elements. 

Would it be useful to clarify this further in the specification, or do you still have technical concerns?

Thanks,
Stephen

> -----Original Message-----
> From: Martin Thomson [mailto:martin.thomson@gmail.com]
> Sent: Thursday, November 02, 2017 6:29 PM
> To: Banghart, Stephen A. (Fed) <stephen.banghart@nist.gov>
> Cc: mile@ietf.org; draft-ietf-mile-rolie.all@ietf.org
> Subject: Re: [mile] Artart last call review of draft-ietf-mile-rolie-10
> 
> I just wanted to follow up on this.  I see that the draft has been revised a few
> times, but I haven't seen any response to my comments about the XML, or
> any changes related to them.
> 
> I ask, because IANA is asking about the XML registrations.  If the working
> group consensus is that I'm in the rough, let me know and I'll tell IANA that
> the schema is good to go.
> 
> On Fri, Oct 20, 2017 at 10:53 AM, Martin Thomson
> <martin.thomson@gmail.com> wrote:
> > Thanks Stephen,
> >
> > Most of this looks good (I'll trust that your representation of the
> > changes is accurate rather than wade through XML, though I have
> > reviewed some of the changes).
> >
> > On Fri, Oct 20, 2017 at 3:24 AM, Banghart, Stephen A. (Fed)
> > <stephen.banghart@nist.gov> wrote:
> >>> The requirements in Section 5.3 on TLS use are unnecessarily strict.
> >>> It's great to recommend the use of TLS 1.2, but given that the
> >>> document has no real requirement on any particular version of TLS,
> >>> the use of "MUST" here is not needed.  Similarly, the prohibition on
> >>> the use of 0-RTT is groundless.  The lengthy list of requirements
> >>> around certificate validation only risk creating a conflict with
> >>> advice in other RFCs.  Many, if not all, of these requirements are
> >>> transitively included by way of referencing HTTPS documents.  I would
> prefer to see this entire section reduced to a simple RFC 7525 reference.
> >>
> >> The majority of the section has been reduced to a RFC 7525 reference.
> We believe that the benefits provided by 0-RTT don't outweigh the loss of
> forward secrecy. The text currently places this as a suggestion from the
> authors, and not a normative requirement.
> >
> > I'm going to push on this one more time.  0-RTT does not necessarily
> > compromise forward secrecy.  It is also entirely possible to deploy
> > 0-RTT without risk of replay attack.  But these facts don't seem
> > persuasive because it is possible to implement the feature with these
> > risks.
> >
> > The text you provide indicates that it is replay you are concerned
> > about.  Do you have any analysis that indicates that someone deploying
> > a server that enables early data would produce harm?  Does that
> > analysis suggest any other alternative mitigation strategies?
> >
> > Again, I would prefer that the draft remain silent on this subject.  I
> > realize that I'm in the rough here, but I consider this to be a test
> > case for this.  The next person who uses HTTP will see your text,
> > notice that it is good, and copy it.  It becomes precedent to forbid
> > the use of 0-RTT and we forget *why*.  I would prefer that this text
> > be better motivated if it is included.
> >
> >>> User authentication is under-specified.
> >
> > The new text is much more concise and targeted, thank you.
> >
> >>> In Section 6.2.3, what is the advantage of "rolie:format" over
> >>> having a well- defined media type?  Media types can take advantage
> >>> of content negotiation, existing support in link relations, and other
> existing tools.
> >>> This rolie:format element has namespace, format, and schema; these
> >>> are not useful to anyone that is ignorant of their contents.  The
> >>> only advantage I see is that syntax might be validated, but
> >>> semantics can't be extracted.  There's a lot of implied work in
> >>> adding this element, but that doesn't seem to be justified by that
> >>> advantage.  (I see that RFC 7970 doesn't define a media type, but it
> >>> seems like it would be easier to correct that than to define an
> >>> element like this.)
> >>
> >> Atom:content has an attribute for media type, which provides
> information about the serialization of the content representation. In many
> cases, we found that different formats can appear for the same content
> within the same media type. For example, the same piece of information
> may be represented using two different XML Schemas. The rolie:format
> element allows the entry to clarify which "format" its using beyond which
> serialization it is using. Ultimately the format element is not registered
> anywhere, nor is its contents particularly standardized. We're providing the
> element as a tool for repository producers to use.
> >
> > This is, at least in my opinion, a mistake.  It creates another layer
> > of content negotiation that is not visible to HTTP.  If the same
> > information can be presented in two different formats, why is it not
> > possible to have two media types?  Or at least a parameterized media
> > type that identifies the format.
> >
> > The problem with defining elements is that they are costly.  Not so
> > much to specify, but to implement correctly.  If you are able to rely
> > on existing mechanisms, you should do that as much as possible.
> >
> > It doesn't sound like you have a concrete use case for this, which
> > makes me nervous.
> >
> >>> Section 6.2.4 defines a generic key-value mechanism.  But that is
> >>> something that XML is actually good at.  Why can't users that
> >>> require additional metadata use additional metadata as originally
> >>> defined by Atom?  That is, replace <rolie:property
> name="urn:ietf:params:rolie:property:csirt-iodef-id"
> >>> value="12345"/> with something like
> >>> <rolie:csirt-iodef-id>12345</rolie:csirt-iodef-id>.  The final
> >>> paragraph of the section recognizes this possibility.
> >>
> >> The latter example you provide is still possible, as unrecognized elements
> in ROLIE/Atom don't cause validation to fail, but are just potentially ignored
> by the client/server. The rolie:property element allows automated systems
> to have a globally available "vocabulary" of potentially available properties,
> that can be used to populate tables or fields in automated systems.
> >
> > I realize that the set of attributes you have might be useful in this
> > context.  But defining them in XML would be much easier.  You don't
> > create a new mechanism for expressing key-value pairs, and the
> > registry that goes with it.  That seems like a minor cost, but like in
> > the previous case, the choice to define another bespoke mechanism
> > comes with hidden costs.  Why bother when you have a perfectly
> > workable mechanism available to you already?
> >
> >>> Question: it's fairly widely accepted that use of IRIs in Atom has
> >>> been less than successful.  Do you want to mandate use of URIs
> >>> instead?  This would apply to both link relations and the "src" attribute.
> >>
> >> We wanted to stay in line with the requirements in Atom, if this becomes
> an issue it may be worth re-examining.
> >
> > This is your chance.  You don't get to go back or re-examine once your
> > protocol is widely deployed.

v2.23.0 | Report a Bug | By Email