Re: [Rats] [Cbor] πŸ”” WGLC on draft-ietf-cbor-tags-oid-02

Carsten Bormann <cabo@tzi.org> Sat, 31 October 2020 20:36 UTC

Return-Path: <cabo@tzi.org>
X-Original-To: rats@ietfa.amsl.com
Delivered-To: rats@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4E5C23A0EA7; Sat, 31 Oct 2020 13:36:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3BWZcE36uVWf; Sat, 31 Oct 2020 13:36:55 -0700 (PDT)
Received: from gabriel-vm-2.zfn.uni-bremen.de (gabriel-vm-2.zfn.uni-bremen.de [134.102.50.17]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E430D3A0EA8; Sat, 31 Oct 2020 13:36:53 -0700 (PDT)
Received: from [192.168.217.118] (p548dcc60.dip0.t-ipconnect.de [84.141.204.96]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by gabriel-vm-2.zfn.uni-bremen.de (Postfix) with ESMTPSA id 4CNrZC4zmFzyX3; Sat, 31 Oct 2020 21:36:51 +0100 (CET)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\))
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <008CBA60-62C3-4B06-BC48-8BC159CD7A5D@island-resort.com>
Date: Sat, 31 Oct 2020 21:36:51 +0100
Cc: "rats@ietf.org" <rats@ietf.org>, "draft-ietf-cbor-tags-oid@ietf.org" <draft-ietf-cbor-tags-oid@ietf.org>, "sacm@ietf.org" <sacm@ietf.org>, Francesca Palombini <francesca.palombini=40ericsson.com@dmarc.ietf.org>
X-Mao-Original-Outgoing-Id: 625869411.257035-2f37acb6e1109856a215b83fad5b1ed6
Content-Transfer-Encoding: quoted-printable
Message-Id: <12FDAD94-4378-42C4-8054-B5A135043636@tzi.org>
References: <12027D40-562D-4859-8A3B-25551C5CBAC8@ericsson.com> <F835894B-8149-4884-AEFB-76EBD07DFB61@island-resort.com> <3BBDCDD5-BEAC-4826-8D84-13814CF210C8@tzi.org> <008CBA60-62C3-4B06-BC48-8BC159CD7A5D@island-resort.com>
To: Laurence Lundblade <lgl@island-resort.com>
X-Mailer: Apple Mail (2.3608.120.23.2.4)
Archived-At: <https://mailarchive.ietf.org/arch/msg/rats/kYpS7PrgWlfp9xxX2Ocg-YBDH2Y>
Subject: Re: [Rats] =?utf-8?q?=5BCbor=5D_=F0=9F=94=94_WGLC_on_draft-ietf-cbor?= =?utf-8?q?-tags-oid-02?=
X-BeenThere: rats@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Remote ATtestation procedureS <rats.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rats>, <mailto:rats-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rats/>
List-Post: <mailto:rats@ietf.org>
List-Help: <mailto:rats-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rats>, <mailto:rats-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 31 Oct 2020 20:36:58 -0000

> 
> CWT seems a little ambiguous as to whether thusly encoded OIDs are allowed as a label/key. Section 3 says:
> 
>    To keep CWTs as small as possible, the Claim Keys are represented
>    using integers or text strings.
> 
> 
> This seems more of a statement of design intent rather than a prohibition against other types of Claim Keys, but one could interpret it as a prohibition.

It is neither: It is a statement of fact.
The dual of this statement is:
If the label (map key) is not an integer or a text string, this label is not a Claim Key.
(And, since Claims use Claim Keys, the key/value pair is not a Claim, and ... the whole thing is not a CWT.)

[We had an interesting discussion over at JSONpath about normative statements.
The upshot was that this is a normal way to phrase a normative statement, even without RFC 2119 language.  RFC 2119 language would not be wrong here, but it is not needed.  Just like an ABNF rule β€œid = 1*ALPHA” would not need an RFC 2119 statement with it that dollar signs MUST NOT occur in ids, unless that is for some reason a misunderstanding that suggests itself.]

Grüße, Carsten