IETF Logo Mail Archive

Re: [netconf] [Technical Errata Reported] RFC8040 (7866)

Andy Bierman <andy@yumaworks.com> Thu, 04 April 2024 19:36 UTC

Return-Path: <andy@yumaworks.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6DD1FC14F6FA for <netconf@ietfa.amsl.com>; Thu, 4 Apr 2024 12:36:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.853
X-Spam-Level:
X-Spam-Status: No, score=-5.853 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, NUMERIC_HTTP_ADDR=1.242, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=yumaworks.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gCTdAJTFRjbv for <netconf@ietfa.amsl.com>; Thu, 4 Apr 2024 12:36:47 -0700 (PDT)
Received: from mail-pg1-x52b.google.com (mail-pg1-x52b.google.com [IPv6:2607:f8b0:4864:20::52b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 06DBBC14F617 for <netconf@ietf.org>; Thu, 4 Apr 2024 12:36:46 -0700 (PDT)
Received: by mail-pg1-x52b.google.com with SMTP id 41be03b00d2f7-5f034b4dcecso1011586a12.1 for <netconf@ietf.org>; Thu, 04 Apr 2024 12:36:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yumaworks.com; s=google; t=1712259406; x=1712864206; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=360eBE+UXEVKeoizJ593W7FcswLeVGiqqj8+BZ8DTek=; b=Sn59dZe4SIFsiSx8z2RNiexjwMzpjUselwfq2Qpaa2FJS2j8mfo1Hqf5nba0BgK7Xw YEyLjLjROn6HbCsZJYKW23d+oni76W24aeQzpGAP1nny6iYi+dlGyMG01UrtySAZ+SRJ EmNSOujBmLmG5ehTQdJZRYUXZnsRYH+V1EBduoSHqGbDNOHFd8iI1widJFGlcgUnDvnq NrhncANyNP0W1KkTDfx2t6+7N01oyikT0jSK++oS1FTXzdUCtVBanMRSUHDKgZ0veYOE 5JFjEdqFnupvKkqHpbvFFj1jTtg3IQ6SWpwOydwX7aN6Ffptp4edIp5KFEC16twt2lE3 JqlA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712259406; x=1712864206; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=360eBE+UXEVKeoizJ593W7FcswLeVGiqqj8+BZ8DTek=; b=umGJbPE0CNUMOv0S34YBRXbkSaOB6N9LgKDIvjl50xj+fojffUYxv0nAvNAVkUenaF CNk413eHco3ViU+QATSs1YQAO7cz08KBKcP26a3LquyXbCA3lYBFV+UypTmbaicsFqrv zINpg5KK8n147hZBASv93g+7x4xHtXRIqpt0ye3pHf3hNprPoawScWDRmP6JFqUs5OV9 be8StvJyFTg7GPkLL4OlZzTfhLzyVuK4aQzQ2rvm7LXhuz5sVrQ/Vzkm7m/0GwYuJ8KE MsEaOCcFgU59ch/eIIuF5GdrPTbupBhzEICo1ZOEd373pnJGdZzVNSsSO7UbrqPU65ub E7oA==
X-Forwarded-Encrypted: i=1; AJvYcCXxqHa1LZeb8oPJ7YTJYNF4ESR3nbQJG7c71k1UzWfw3U224Eyfv+C797lfula72WAUbXddtXAzEJmdoZPebZPw
X-Gm-Message-State: AOJu0YyQ/Vai8+mlTThVJtGhw9jfq+LhYcAsICFna4tt2ssb9G3FWSN2 hHMEqzjT6IfjRVieDCfgRFCJAeUnDrr4OBF2T4h/ojJPidvoXKNw7gKaLSn+fX/iCrkF4Jd5w11 OgRQ6ynauRjKRnBweHRBjhG7idMPvd/YEl1HpBZrlIFC10N0T
X-Google-Smtp-Source: AGHT+IFBe3oxM+jb1FB/GMgowLdKVhIC6qFx2RRuDbDFPoM4UVvig3qIgaTZK29Hn+xCJKPPqluOHOzHGAEiuTITPa4=
X-Received: by 2002:a17:90b:fcd:b0:2a2:f16a:670e with SMTP id gd13-20020a17090b0fcd00b002a2f16a670emr590929pjb.23.1712259405751; Thu, 04 Apr 2024 12:36:45 -0700 (PDT)
MIME-Version: 1.0
References: <20240323173810.33A49E6634@rfcpa.amsl.com> <0100018e809ecc8b-b17354dc-f70c-437a-b915-b8ed4086bffb-000000@email.amazonses.com> <f5ea7cfe-65f2-429d-bdc2-11d377d45fd6@mg-soft.si> <CABCOCHQpK=9LADz77M7t2VLF-UNMhNE_oxpNC13yyvX_zME4NA@mail.gmail.com> <7e00b6e4-4d1f-496e-b945-1c4379c28884@mg-soft.si> <CABCOCHTVn2Dbs7NX8cfAu7EjmhuaZ6eez=bFS_6dP88v4So7CA@mail.gmail.com> <cabe39b1-2c23-4bcb-b817-e5021f428a15@mg-soft.si> <CABCOCHStyAP2Bn7ad3M57Rg-FJ+8vBBfDFMJirUxjx63YECU-A@mail.gmail.com> <2eae1936-6294-4c9f-b50a-faab7587941e@mg-soft.si>
In-Reply-To: <2eae1936-6294-4c9f-b50a-faab7587941e@mg-soft.si>
From: Andy Bierman <andy@yumaworks.com>
Date: Thu, 04 Apr 2024 12:36:34 -0700
Message-ID: <CABCOCHQ+aWBYiVY+9iJiMLAzirjZtqK=cu2MwDL+2C_iXrt4xA@mail.gmail.com>
To: Jernej Tuljak <jernej.tuljak@mg-soft.si>
Cc: Kent Watsen <kent+ietf@watsen.net>, RFC Errata System <rfc-editor@rfc-editor.org>, mbj@tail-f.com, Warren Kumari <warren@kumari.net>, "netconf@ietf.org" <netconf@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000a4ca7906154a7514"
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/YIuQjjraDU7BMGlf9T6BTPDTsC8>
Subject: Re: [netconf] [Technical Errata Reported] RFC8040 (7866)
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: NETCONF WG list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Apr 2024 19:36:51 -0000

On Thu, Apr 4, 2024 at 6:16 AM Jernej Tuljak <jernej.tuljak@mg-soft.si>
wrote:

> On 03/04/2024 18:55, Andy Bierman wrote:
>
>
>
> On Wed, Apr 3, 2024 at 6:16 AM Jernej Tuljak <jernej.tuljak@mg-soft.si>
> wrote:
>
>> On 29/03/2024 17:09, Andy Bierman wrote:
>>
>>
>>
>> On Fri, Mar 29, 2024 at 12:46 AM Jernej Tuljak <jernej.tuljak@mg-soft.si>
>> wrote:
>>
>>> On 28/03/2024 17:25, Andy Bierman wrote:
>>>
>>>
>>>
>>> On Thu, Mar 28, 2024 at 2:41 AM Jernej Tuljak <jernej.tuljak@mg-soft.si>
>>> wrote:
>>>
>>>> And I'm still not sure why RFC8040 refers to "reserved characters" as
>>>> the only characters that need to be percent-encoded.
>>>>
>>>> Section 2.1 of RFC3986 that describes percent encoding says:
>>>>
>>>>     A percent-encoding mechanism is used to represent a data octet in a
>>>>     component when that octet's corresponding character is outside the
>>>>     allowed set or is being used as a delimiter of, or within, the
>>>>     component.
>>>>
>>>> Then in 2.2 it says:
>>>>
>>>>     URIs include components and subcomponents that are delimited by
>>>>     characters in the "reserved" set.  These characters are called
>>>>     "reserved" because they may (or may not) be defined as delimiters by
>>>>     the generic syntax, by each scheme-specific syntax, or by the
>>>>     implementation-specific syntax of a URI's dereferencing algorithm.
>>>>
>>>> To me this means there's more than just what RFC3986 considers to be a
>>>> "reserved character" that should to be percent-encoded. The "more" in
>>>> this case being characters "outside the allowed set". Characters like
>>>> the double-quote, which I've brought up before, but never got a
>>>> response:
>>>>
>>>>
>>>
>>> The part of sec. 2.2 that was left out lists the chars:
>>>
>>>       reserved    = gen-delims / sub-delims
>>>
>>>       gen-delims  = ":" / "/" / "?" / "#" / "[" / "]" / "@"
>>>
>>>       sub-delims  = "!" / "$" / "&" / "'" / "(" / ")"
>>>                   / "*" / "+" / "," / ";" / "="
>>>
>>>
>>> IMO these chars need to be percent-encoded in RESTCONF URIs
>>>
>>>
>>>>
>>>> https://mailarchive.ietf.org/arch/msg/netconf/I8kXANHiqeV2JsCWmtTE2fGjYd8/
>>>
>>>
>>>
>>> Perhaps there are some details that are not spelled out.
>>> Double-quote and space are not special in RESTCONF.
>>>
>>>
>>> Are you saying that valid RESTCONF URIs are not required to be valid
>>> RFC3986 URIs?
>>>
>>>
>> No, I am saying that if restconf-next ever happens, then the document can
>> clarify any additional
>> reserved characters.
>>
>>
>> You said that double-quote and space are not special in RESTCONF, but how
>> can that be true, when they are special in RFC3986? What makes them special
>> is that they are not allowed at all. Anywhere. No production of RFC3986
>> ABNF grammar [1] can match them. So they need to be percent-encoded. They
>> do not represent reserved characters but at the same time cannot be
>> recognized as unreserved characters.
>>
>>
>
> I meant no special meaning in RESTCONF.
> RFC 3986 defines the URI encoding.
> There is no intent for RESTCONF to change anything or cherry-pick certain
> requirements and ignore others.
>
> I am not sure what document changes are needed. Perhaps none.
>
>
> I have a specific change in mind.
>
>
You should file a new errata.
This is a separate bug.
It seems OK to me to make this correction.
(I checked our code and it follows NEW, not OLD)


Andy

RFC8040, Section 3.5.3.:
>
> OLD:
>
>    The following example shows how reserved characters are
>    percent-encoded within a key value.  The value of "key1" contains
>    a comma, single-quote, double-quote, colon, double-quote, space,
>    and forward slash (,'":" /).  Note that double-quote is not a
>    reserved character and does not need to be percent-encoded.  The
>    value of "key2" is the empty string, and the value of "key3" is the
>    string "foo".
>
>    Example URL:
>
>       /restconf/data/example-top:top/list1=%2C%27"%3A"%20%2F,,foo
>
> NEW:
>
>    The following example shows how specific characters are
>    percent-encoded within a key value.  The value of "key1" contains
>    a comma, single-quote, double-quote, colon, double-quote, space,
>    and forward slash (,'":" /).  Note that double-quote and space are
>    not reserved characters but also do not correspond to characters in
>    the unreserved set and therefore need to be percent-encoded.  The
>    value of "key2" is the empty string, and the value of "key3" is the
>    string "foo".
>
>    Example URL:
>
>       /restconf/data/example-top:top/list1=%2C%27%22%3A%22%20%2F,,foo
>
>
> Or something along those lines. It seemed related to this errata (7866),
> which is why I brought it up again.
>
> Jernej
>
> Perhaps hold for document update.
>
> [1] - https://datatracker.ietf.org/doc/html/rfc3986#appendix-A
>>
>> Jernej
>>
>
>
> Andy
>
>
>>
>>
>>
>>
>>> Jernej
>>>
>>
>> Andy
>>
>>
>>>
>>> One thing that is clear:
>>> Any user of a RESTCONF URI MUST be capable of converting percent-encoded
>>> chars,
>>> no matter what they are.
>>>
>>>
>>>
>>>>
>>>> Jernej
>>>>
>>>
>>> Andy
>>>
>>>
>>>>
>>>> On 27/03/2024 16:54, Kent Watsen wrote:
>>>> > This errata is incomplete.
>>>> > The issue occurs three times.
>>>> > The occurrence in Section 5.1 is missing.
>>>> >
>>>> > K.
>>>> >
>>>> >
>>>> >> On Mar 23, 2024, at 1:38 PM, RFC Errata System <
>>>> rfc-editor@rfc-editor.org> wrote:
>>>> >>
>>>> >> The following errata report has been submitted for RFC8040,
>>>> >> "RESTCONF Protocol".
>>>> >>
>>>> >> --------------------------------------
>>>> >> You may review the report below and at:
>>>> >> https://www.rfc-editor.org/errata/eid7866
>>>> >>
>>>> >> --------------------------------------
>>>> >> Type: Technical
>>>> >> Reported by: Andy Bierman <andy@yumaworks.com>
>>>> >>
>>>> >> Section: 3.5.3
>>>> >>
>>>> >> Original Text
>>>> >> -------------
>>>> >> Text occurs in two places
>>>> >>
>>>> >> 1)
>>>> >>
>>>> >>       The leaf-list value is specified as a string, using the
>>>> canonical
>>>> >>       representation for the YANG data type.  Any reserved characters
>>>> >>       MUST be percent-encoded, according to Sections 2.1 and 2.5 of
>>>> >>       [RFC3986].
>>>> >>
>>>> >>
>>>> >> 2)
>>>> >>
>>>> >>       The key value is specified as a string, using the canonical
>>>> >>       representation for the YANG data type.  Any reserved characters
>>>> >>       MUST be percent-encoded, according to Sections 2.1 and 2.5 of
>>>> >>       [RFC3986].
>>>> >>
>>>> >>
>>>> >> Corrected Text
>>>> >> --------------
>>>> >>
>>>> >> 1)
>>>> >>
>>>> >>       The leaf-list value is specified as a string, using the
>>>> canonical
>>>> >>       representation for the YANG data type.  Any reserved characters
>>>> >>       MUST be percent-encoded, according to Sections 2.1, 2.2, and
>>>> 2.5 of
>>>> >>       [RFC3986].
>>>> >>
>>>> >> 2)
>>>> >>
>>>> >>       The key value is specified as a string, using the canonical
>>>> >>       representation for the YANG data type.  Any reserved characters
>>>> >>       MUST be percent-encoded, according to Sections 2.1, 2.2, and
>>>> 2.5 of
>>>> >>       [RFC3986].
>>>> >>
>>>> >>
>>>> >> Notes
>>>> >> -----
>>>> >> The reserved character list is defined in section 2.2 of RFC 3986
>>>> >>
>>>> >> Instructions:
>>>> >> -------------
>>>> >> This erratum is currently posted as "Reported". (If it is spam, it
>>>> >> will be removed shortly by the RFC Production Center.) Please
>>>> >> use "Reply All" to discuss whether it should be verified or
>>>> >> rejected. When a decision is reached, the verifying party
>>>> >> will log in to change the status and edit the report, if necessary.
>>>> >>
>>>> >> --------------------------------------
>>>> >> RFC8040 (draft-ietf-netconf-restconf-18)
>>>> >> --------------------------------------
>>>> >> Title               : RESTCONF Protocol
>>>> >> Publication Date    : January 2017
>>>> >> Author(s)           : A. Bierman, M. Bjorklund, K. Watsen
>>>> >> Category            : PROPOSED STANDARD
>>>> >> Source              : Network Configuration
>>>> >> Stream              : IETF
>>>> >> Verifying Party     : IESG
>>>> > _______________________________________________
>>>> > netconf mailing list
>>>> > netconf@ietf.org
>>>> > https://www.ietf.org/mailman/listinfo/netconf
>>>>
>>>> _______________________________________________
>>>> netconf mailing list
>>>> netconf@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/netconf
>>>>
>>>
>>>
>>
>

v2.23.0 | Report a Bug | By Email