IETF Logo Mail Archive

Re: [sacm] EXTENDED (Re: WGLC for draft-ietf-sacm-rolie-softwaredescriptor)

"Banghart, Stephen A. (Fed)" <stephen.banghart@nist.gov> Mon, 01 July 2019 14:58 UTC

Return-Path: <stephen.banghart@nist.gov>
X-Original-To: sacm@ietfa.amsl.com
Delivered-To: sacm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9C49F1202E8 for <sacm@ietfa.amsl.com>; Mon, 1 Jul 2019 07:58:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nist.gov
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ccERzDtKV6Ij for <sacm@ietfa.amsl.com>; Mon, 1 Jul 2019 07:58:07 -0700 (PDT)
Received: from GCC01-DM2-obe.outbound.protection.outlook.com (mail-eopbgr840097.outbound.protection.outlook.com [40.107.84.97]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CC893120112 for <sacm@ietf.org>; Mon, 1 Jul 2019 07:58:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nist.gov; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=asmspK9PshDkC9SrS5rWC18aiG0sUDshg4KwvPiIPcI=; b=d1ue1BXSElmY7p5dfGB/ImmtPzZA5vxw0Tu0qxLewp3S19+6bF7h6q1xEGpJZP/8kOKjX0ED38i7n5ZC6zNLGDz2dbRMWT+QVRxRT03LybZAJSjvm3OF7b2kpeDNy2gt7Cz3AVem0VOLyAGy8w8adlvlRIAUyixj2yiR6WZWhyo=
Received: from CY4PR09MB1383.namprd09.prod.outlook.com (10.172.67.17) by CY4PR09MB2261.namprd09.prod.outlook.com (10.172.140.139) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2032.20; Mon, 1 Jul 2019 14:58:05 +0000
Received: from CY4PR09MB1383.namprd09.prod.outlook.com ([fe80::80ea:8048:d44:78a9]) by CY4PR09MB1383.namprd09.prod.outlook.com ([fe80::80ea:8048:d44:78a9%4]) with mapi id 15.20.2032.019; Mon, 1 Jul 2019 14:58:05 +0000
From: "Banghart, Stephen A. (Fed)" <stephen.banghart@nist.gov>
To: Bill Munyan <bill.munyan.ietf@gmail.com>, "<sacm@ietf.org>" <sacm@ietf.org>
CC: Karen O'donoghue <odonoghue@isoc.org>
Thread-Topic: [sacm] EXTENDED (Re: WGLC for draft-ietf-sacm-rolie-softwaredescriptor)
Thread-Index: AQHVLScIfI4zOzYWuUGuNvlItY8hnqawAUuAgARJ8wCAAZQmcA==
Date: Mon, 01 Jul 2019 14:58:04 +0000
Message-ID: <CY4PR09MB1383B9C76F1541A374276087F0F90@CY4PR09MB1383.namprd09.prod.outlook.com>
References: <D3470C8C-ECAD-451C-8698-5C2A3320170B@isoc.org> <7F704B0D-8956-4419-B41F-1B63283BEE76@isoc.org> <CAM+R6NWaKw+pgmR-qBS52dr7tY-quokna58-wFH6EOyX9=_eEg@mail.gmail.com> <CAKUOEQw_fBt4omUo+jdtwDgKAzk+-OwF5gMC9OvNQu0vSvw=rg@mail.gmail.com>
In-Reply-To: <CAKUOEQw_fBt4omUo+jdtwDgKAzk+-OwF5gMC9OvNQu0vSvw=rg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=stephen.banghart@nist.gov;
x-originating-ip: [129.6.196.176]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: c36ca91a-5747-4be1-def0-08d6fe34858b
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020); SRVR:CY4PR09MB2261;
x-ms-traffictypediagnostic: CY4PR09MB2261:
x-ms-exchange-purlcount: 5
x-ld-processed: 2ab5d82f-d8fa-4797-a93e-054655c61dec,ExtAddr
x-microsoft-antispam-prvs: <CY4PR09MB22612048D6E5EF9D3F02B343F0F90@CY4PR09MB2261.namprd09.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 00851CA28B
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(346002)(136003)(366004)(376002)(396003)(39860400002)(199004)(53754006)(51914003)(189003)(110136005)(14454004)(966005)(52536014)(316002)(71200400001)(66946007)(476003)(4326008)(68736007)(478600001)(76116006)(486006)(66446008)(64756008)(66556008)(66476007)(71190400001)(25786009)(606006)(73956011)(99286004)(5660300002)(66066001)(790700001)(6116002)(102836004)(76176011)(7736002)(8936002)(53936002)(3846002)(14444005)(81166006)(33656002)(81156014)(53546011)(256004)(6506007)(74316002)(7696005)(8676002)(6246003)(26005)(11346002)(446003)(236005)(6436002)(9686003)(6306002)(54896002)(55016002)(186003)(86362001)(2906002)(229853002)(491001); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR09MB2261; H:CY4PR09MB1383.namprd09.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: nist.gov does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: TbhLdvyRuB9tXkCD4U07ozLESj5SVpMbFYkoD0yc2yX68gN/vvFJkwoUlHYOKjQsU5vz2J62KFbdz68t52AibIg7VrImDp5Ity7gLs9Gko+gH+AAyb/vJhJTXFsIc7JKd3Et77ApHuTj+nxHybv8S2cc6bqfuvmVBSAbvEGA7pXHu9biBSgoZ1ZlK4slw9tFhrAw7ZIdQybyBdVC02wfSy0PV/XfkqoYxDlvSVAv+/KBRJBcf+5L8lAHUwsuHeYBgkFODbI/o79UeEmnD767W/kXyJDKqkjALDOidOjkVGRqDnbf0z+9cEzNKMThASPxZvX2SGE5u3SQc4sbkQNEOR4v4W2gdUi1IboLci38cSnyupWfivvyRcPFzYP5xnIvRJkSuLc3eHn6la2BQlM9A3l4IBG0Dqf3dyj78l8iQ+M=
Content-Type: multipart/alternative; boundary="_000_CY4PR09MB1383B9C76F1541A374276087F0F90CY4PR09MB1383namp_"
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-Network-Message-Id: c36ca91a-5747-4be1-def0-08d6fe34858b
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Jul 2019 14:58:05.0143 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: sab3@NIST.GOV
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR09MB2261
Archived-At: <https://mailarchive.ietf.org/arch/msg/sacm/SFN62pDotSYhsmPJODshLbxHDVY>
Subject: Re: [sacm] EXTENDED (Re: WGLC for draft-ietf-sacm-rolie-softwaredescriptor)
X-BeenThere: sacm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SACM WG mail list <sacm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sacm>, <mailto:sacm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sacm/>
List-Post: <mailto:sacm@ietf.org>
List-Help: <mailto:sacm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sacm>, <mailto:sacm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Jul 2019 14:58:11 -0000

Bill,

Thanks for the review!

In sections 6.1.2 and 6.2.1, there is mention of the ISO SWID spec.  Should those 2 mentions include the [SWID] reference link?  It may just be that the first mention/reference includes the link (which happens previously in the draft), so if it's not the norm to include the reference elsewhere, that's fine.  Just my inexperience, so I thought I'd ask.

I think it’s pretty much flexible on whether or not to include the SWID references more than once, but I typically only include the link on the first use.



6.2.2: In the 1st bullet of the "A "COSWID Tag Entry" MUST conform to the following requirements" section, the "type" attribute is required to be "application/coswid+cbor".  The CoSWID draft creates the media type of "application/swid+cbor" (Here<https://gcc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Fdraft-ietf-sacm-coswid-11%23section-5.3&data=02%7C01%7Cstephen.banghart%40nist.gov%7C9b6337b287ab499f0fe108d6fd69fa01%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C1%7C636975028952652474&sdata=YWKWHTqWCnvNtuYuKH9hmby7ZfnS6ZvPkpQNe6sTGLU%3D&reserved=0>).  Should those be the same?

That absolutely should be the same, thanks for the catch.


Last, are the "rolie:property" values for CoSWID Tag Entries the "translated" values?  i.e. the decoded value at integer 0, 1, and 12?  I think the answer is "yes", but wanted the clarification.

Yes, it should be the decoded value stored at that integer key. I can add some language to make that more clear.

Thanks,
Stephen

From: sacm <sacm-bounces@ietf.org> On Behalf Of Bill Munyan
Sent: Sunday, June 30, 2019 10:48 AM
To: <sacm@ietf.org> <sacm@ietf.org>
Cc: Karen O'donoghue <odonoghue@isoc.org>
Subject: Re: [sacm] EXTENDED (Re: WGLC for draft-ietf-sacm-rolie-softwaredescriptor)

Hello all,
I've read the draft and I have just a couple of nits/questions:

In sections 6.1.2 and 6.2.1, there is mention of the ISO SWID spec.  Should those 2 mentions include the [SWID] reference link?  It may just be that the first mention/reference includes the link (which happens previously in the draft), so if it's not the norm to include the reference elsewhere, that's fine.  Just my inexperience, so I thought I'd ask.

6.2.2: In the 1st bullet of the "A "COSWID Tag Entry" MUST conform to the following requirements" section, the "type" attribute is required to be "application/coswid+cbor".  The CoSWID draft creates the media type of "application/swid+cbor" (Here<https://gcc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Fdraft-ietf-sacm-coswid-11%23section-5.3&data=02%7C01%7Cstephen.banghart%40nist.gov%7C9b6337b287ab499f0fe108d6fd69fa01%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C1%7C636975028952652474&sdata=YWKWHTqWCnvNtuYuKH9hmby7ZfnS6ZvPkpQNe6sTGLU%3D&reserved=0>).  Should those be the same?

Last, are the "rolie:property" values for CoSWID Tag Entries the "translated" values?  i.e. the decoded value at integer 0, 1, and 12?  I think the answer is "yes", but wanted the clarification.

Cheers,
-Bill M.


On Thu, Jun 27, 2019 at 5:18 PM Jessica Fitzgerald-McKay <jmfmckay@gmail.com<mailto:jmfmckay@gmail.com>> wrote:
I have reviewed the draft. It is ready for publication.

Thanks,
Jess

On Thu, Jun 27, 2019 at 4:29 PM Karen O'Donoghue <odonoghue@isoc.org<mailto:odonoghue@isoc.org>> wrote:
Folks,

As discussed during our virtual interim on Tuesday, we are extending this working group last call in order to get a better response. Please reply to this email thread with an indication that you have read the document, any comments you may have, and your assessment of whether or not it is ready to proceed to publication.

DEADLINE: Please reply by Friday 5 July 2019.

Karen


On Jun 4, 2019, at 10:19 AM, Karen O'Donoghue <odonoghue@isoc.org<mailto:odonoghue@isoc.org>> wrote:

Folks,

This begins a two week working group last call for:
Definition of the ROLIE Software Descriptor Extension
https://datatracker.ietf.org/doc/draft-ietf-sacm-rolie-softwaredescriptor/<https://gcc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-ietf-sacm-rolie-softwaredescriptor%2F&data=02%7C01%7Cstephen.banghart%40nist.gov%7C9b6337b287ab499f0fe108d6fd69fa01%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C1%7C636975028952662482&sdata=yPjjIa8K90jtF25r%2BronNUEBWJ7lct4PvkDRtC%2BlVLY%3D&reserved=0>

Please review this document and send comments (including suitability to publish) to the mailing list.

This WGLC will close on 19 June 2019.

Thank you!
Karen and Chris

_______________________________________________
sacm mailing list
sacm@ietf.org<mailto:sacm@ietf.org>
https://www.ietf.org/mailman/listinfo/sacm<https://gcc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fsacm&data=02%7C01%7Cstephen.banghart%40nist.gov%7C9b6337b287ab499f0fe108d6fd69fa01%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C1%7C636975028952662482&sdata=aPyW2lBdfbPysD61bmciNgITNCSYEQjGMWRz6DJCxP8%3D&reserved=0>
_______________________________________________
sacm mailing list
sacm@ietf.org<mailto:sacm@ietf.org>
https://www.ietf.org/mailman/listinfo/sacm<https://gcc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fsacm&data=02%7C01%7Cstephen.banghart%40nist.gov%7C9b6337b287ab499f0fe108d6fd69fa01%7C2ab5d82fd8fa4797a93e054655c61dec%7C1%7C1%7C636975028952672491&sdata=p2eLCf%2FZ9zhLM3KkDfj6djp4nzl0AnbNa7TFftrmTFQ%3D&reserved=0>

v2.23.0 | Report a Bug | By Email