Re: [OPSAWG] AD review of draft-ietf-opsawg-finding-geofeeds-04

Russ Housley <housley@vigilsec.com> Tue, 13 April 2021 14:11 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/opsawg/MsGa3Dbrx73R3xEKTgDbeKSfvHQ>


> On Apr 12, 2021, at 7:33 PM, Randy Bush <randy@psg.com> wrote:
> 
>>>> 3. The definition of canonicalization refers to section 2.2 of RFC
>>>> 5485 (which talks about ASCII) vs RFC8805 which talks about UTF-8.  Is
>>>> this disparity an issue?
>>> 
>>> russ, how do you want to handle?
>> 
>> This is really about line endings, but it would probably be best to
>> assign a content type for UTF8 Text with CRLF.
> 
> yuchh.  send text, if you would please.

Actually, I went back to the I-D, and I withdraw my suggestions.

This I-D already defines a new content type: id-ct-geofeedCSVwithCRLF.

This new content type already handles the situation as I was thinking.  It could be more clear, and I suggest:

OLD:

   Borrowing detached signatures from [RFC5485], after text file
   canonicalization (Sec 2.2), the Cryptographic Message Syntax (CMS)
   [RFC5652] would be used to create a detached DER encoded signature
   which is then BASE64 encoded and line wrapped to 72 or fewer
   characters.

NEW:

   The canonicalization procedure converts the data from its internal
   character representation to the UTF-8 [RFC3629] character encoding,
   and the <CRLF> sequence MUST be used to denote the end of a
   line of text.  Trailing space characters MUST NOT appear on a line of
   text.  That is, the space or tab characters must not be followed by
   the <CRLF> sequence.  Thus, a blank line is represented solely by
   the <CRLF> sequence.  Other nonprintable characters, such as
   backspace, are not expected.  For robustness, any nonprintable
   characters MUST NOT be changed by canonicalization.  Trailing
   blank lines MUST NOT appear at the end of the file.  That is, the
   file must not end with multiple consecutive <CRLF> sequences.
   Any end-of-file marker used by an operating system is not considered
   to be part of the file content.  When present, such end-of-file
   markers MUST NOT be processed by the digital signature algorithm.

   Borrowing detached signatures from [RFC5485], after file
   canonicalization, the Cryptographic Message Syntax (CMS)
   [RFC5652] would be used to create a detached DER encoded signature
   which is then BASE64 encoded and line wrapped to 72 or fewer
   characters.

END

Russ
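
The canonicalization rules in the NEW text above, sketched in Python as an added example that is not part of the original message or the draft. Treating bare LF as an input line ending, treating Ctrl-Z as the operating system's end-of-file marker, and the sample geofeed lines are assumptions made here; the CMS signing step itself is not shown.

```python
import base64
import hashlib

EOF_MARKER = "\x1a"  # assumption: DOS-style Ctrl-Z is the OS end-of-file marker


def canonicalize(text: str) -> bytes:
    """Return the bytes the digital signature would be computed over."""
    if text.endswith(EOF_MARKER):
        text = text[:-1]  # the end-of-file marker is not file content
    # Assumption: CRLF and bare LF both count as line endings on input.
    lines = text.replace("\r\n", "\n").split("\n")
    # Drop trailing spaces and tabs; other nonprintables are left unchanged.
    lines = [line.rstrip(" \t") for line in lines]
    # Drop trailing blank lines so the file ends with exactly one <CRLF>.
    while lines and lines[-1] == "":
        lines.pop()
    if not lines:
        return b""
    return ("\r\n".join(lines) + "\r\n").encode("utf-8")


def is_canonical(data: bytes) -> bool:
    """Verifier-side check: is `data` already in canonical form?"""
    try:
        return canonicalize(data.decode("utf-8")) == data
    except UnicodeDecodeError:
        return False


def wrap72(der: bytes) -> str:
    """BASE64-encode a DER blob and wrap it to 72 or fewer characters."""
    b64 = base64.b64encode(der).decode("ascii")
    return "\n".join(b64[i:i + 72] for i in range(0, len(b64), 72))


# Constructed sample: the same geofeed content as two editors might save it.
UNIX_COPY = "# Montréal office\n192.0.2.0/24,CA,CA-QC,Montréal, \t\n\n\n"
DOS_COPY = "# Montréal office\r\n192.0.2.0/24,CA,CA-QC,Montréal,\r\n\x1a"

if __name__ == "__main__":
    # Both copies hash identically once canonicalized, so one detached
    # signature verifies against either of them.
    for name, copy in (("unix", UNIX_COPY), ("dos", DOS_COPY)):
        print(name, hashlib.sha256(canonicalize(copy)).hexdigest())
    print(wrap72(bytes(100)))  # placeholder bytes, not a real CMS signature
```

A verifier that hashes the file as stored, without applying the same canonicalization the signer used, will reject a validly signed file that has merely passed through a line-ending conversion.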