Re: [P2PSIP] Enrollment server handling base64 encoded csr parameter
Marc Petit-Huguenin <petithug@acm.org> Fri, 21 June 2013 17:51 UTC
Hi Michael,

On 06/21/2013 10:08 AM, Michael Chen wrote:
> Hi Marc,
>
> A bug in my program sent the following multi-part header followed by the
> pkcs10 DER binary, but your server ignored the transfer encoding header and
> processed the csr:
>
> --0xD2454C4F
> Content-Disposition: form-data; name="csr"
> Content-Type: application/pkcs10
> Content-Transfer-Encoding: base64
>
> <CSR DER binary>
>
> --0xD2454C4F
>
> RFC2311 (referenced in section 11.3 of p2psip-base) does describe the use
> of base64 encoded application/pkcs10 content type (3.7.2). The p2psip-base
> draft should either endorse or explicitly exclude the base64 encoding
> stated in RFC2311.
>

Hmm, RFC 2616 states in section 19.4.5:

  HTTP does not use the Content-Transfer-Encoding (CTE) field of RFC 2045.
  Proxies and gateways from MIME-compliant protocols to HTTP MUST remove any
  non-identity CTE ("quoted-printable" or "base64") encoding prior to
  delivering the response message to an HTTP client.

On the other hand RFC 2388 has an example using CTE:

  --AaB03x
  content-disposition: form-data; name="field1"
  content-type: text/plain;charset=windows-1250
  content-transfer-encoding: quoted-printable

  Joe owes =80100.
  --AaB03x

Perhaps what RFC 2616 meant was that CTE cannot be used as a header, but can
be used as a MIME parameter. But as HTTP never had any 7bit/8bit issues, I
doubt it.

For the sake of interoperability, I filed a bug to add support for CTE in
form-data in my server.

--
Marc Petit-Huguenin
Email: marc@petit-huguenin.org
Blog: http://blog.marc.petit-huguenin.org
Profile: http://www.linkedin.com/in/petithug
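
One way an enrollment server could honor a part-level Content-Transfer-Encoding on the "csr" field, as an added example that is not code from either poster or from any P2PSIP implementation. It decodes base64 when declared, treats a missing CTE as binary, and rejects the request described in the thread (base64 declared, raw DER sent) instead of guessing. The function names, the choice to reject a mismatch, and the sample bytes are assumptions of this example.

```python
import base64
import binascii

BOUNDARY = b"0xD2454C4F"                      # boundary quoted in the thread
SAMPLE_DER = b"\x30\x06\x02\x01\x00\x04\x01\xff"  # constructed stand-in, not a real CSR

def der_sequence_ok(data: bytes) -> bool:
    """True if data is exactly one DER SEQUENCE (outer tag and length only)."""
    if len(data) < 2 or data[0] != 0x30:
        return False
    n = data[1] & 0x7F
    if data[1] < 0x80:                         # short form: n is the length
        return len(data) == 2 + n
    if not 1 <= n <= 4:                        # long form: n length octets follow
        return False
    return len(data) == 2 + n + int.from_bytes(data[2:2 + n], "big")

def extract_csr(body: bytes) -> bytes:
    """Return the DER bytes of the form-data part named "csr", honoring its CTE."""
    for part in body.split(b"--" + BOUNDARY)[1:]:
        if part.startswith(b"--"):             # closing delimiter
            break
        head, _, content = part.partition(b"\r\n\r\n")
        headers = {}
        for line in head.strip().split(b"\r\n"):
            name, _, value = line.partition(b":")
            headers[name.strip().lower()] = value.strip()
        if b'name="csr"' not in headers.get(b"content-disposition", b""):
            continue
        if content.endswith(b"\r\n"):          # this CRLF belongs to the delimiter
            content = content[:-2]
        cte = headers.get(b"content-transfer-encoding", b"binary").lower()
        if cte == b"base64":
            try:                               # MIME base64 may be line-wrapped
                content = base64.b64decode(b"".join(content.split()), validate=True)
            except binascii.Error as exc:
                raise ValueError("csr declared base64 but body is not base64") from exc
        elif cte not in (b"binary", b"8bit", b"7bit"):
            raise ValueError("unsupported Content-Transfer-Encoding")
        if not der_sequence_ok(content):
            raise ValueError("csr part is not a DER SEQUENCE")
        return content
    raise ValueError("no csr part")

def make_body(content: bytes, cte: bytes = b"") -> bytes:
    """Constructed one-part request body; cte adds the transfer-encoding header."""
    head = b'Content-Disposition: form-data; name="csr"\r\nContent-Type: application/pkcs10\r\n'
    if cte:
        head += b"Content-Transfer-Encoding: " + cte + b"\r\n"
    return b"--" + BOUNDARY + b"\r\n" + head + b"\r\n" + content + b"\r\n--" + BOUNDARY + b"--\r\n"
```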