IETF Logo Mail Archive

[secdir] draft-ietf-rats-msg-wrap-18 ietf last call Secdir review

Benjamin Schwartz via Datatracker <noreply@ietf.org> Mon, 06 October 2025 20:01 UTC

Return-Path: <noreply@ietf.org>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@mail2.ietf.org
Received: from [10.244.8.182] (unknown [4.156.85.76]) by mail2.ietf.org (Postfix) with ESMTP id 813346E2E938; Mon, 6 Oct 2025 13:01:52 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Benjamin Schwartz via Datatracker <noreply@ietf.org>
To: secdir@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.50.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <175978091243.3836367.9289657222022936809@dt-datatracker-6c6cdf7f94-h6rnn>
Date: Mon, 06 Oct 2025 13:01:52 -0700
Message-ID-Hash: AJINRWTZSQ4TRK7VAF62VGFT7EKXLUZT
X-Message-ID-Hash: AJINRWTZSQ4TRK7VAF62VGFT7EKXLUZT
X-MailFrom: noreply@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-secdir.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: draft-ietf-rats-msg-wrap.all@ietf.org, last-call@ietf.org, rats@ietf.org
X-Mailman-Version: 3.3.9rc6
Reply-To: Benjamin Schwartz <ietf@bemasc.net>
Subject: [secdir] draft-ietf-rats-msg-wrap-18 ietf last call Secdir review
List-Id: Security Area Directorate <secdir.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/QMqJHFL21FmVqSV-Wt2AgA2pprk>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Owner: <mailto:secdir-owner@ietf.org>
List-Post: <mailto:secdir@ietf.org>
List-Subscribe: <mailto:secdir-join@ietf.org>
List-Unsubscribe: <mailto:secdir-leave@ietf.org>

Document: draft-ietf-rats-msg-wrap
Title: RATS Conceptual Messages Wrapper (CMW)
Reviewer: Benjamin Schwartz
Review result: Has Nits

Clear document describing some serialization formats.

Notes:

Section 3.1:

* The "ind" field is defined as a 32-bit bitfield of types.  This constraint on
the range of expressible message types seems hard to justify.  In the common
case, a short list of small integers would be almost as compact (in CBOR), and
in the extreme case (32 message types), the proportional savings of using a
bitfield is presumably minimal compared to the messages themselves.  This seems
like a case of trying to save 1 byte, at the cost of considerably reduced
flexibility for extensions (especially experimental or private extensions). 
And in some cases, the bitfield representation is actually _less_ compact. *
Also, the description says "Only four values are registered", but the
definition of `cm-type` shows 5 values.

Section 3.4:

* It seems like this text is recommending sending JSON or CBOR in a shared
container, with the recipient disambiguating them based on the first byte.
  - It's not clear what the motivating use case is for this algorithm.
  - This is a risky design.  Parsers developed in JSON-only or CBOR-only
  ecosystems may sensibly omit the unused format, leading to misbehaviors when
  they are used with other format. - The proposed disambiguation is different
  from the one proposed in the CBOR specification (see
  https://www.rfc-editor.org/rfc/rfc8949.html#section-3.4.6-4,
  https://www.rfc-editor.org/rfc/rfc9277.html#section-2.2) - Unless there is a
  compelling reason, it would seem safer to treat JSON and CBOR consistently as
  distinct media types, distinguished by an indicator in the upper layer (as is
  done in Section 4.4 for X.509).

Section 10.5
* The IANA registry is given as "expert review", but the instructions to the
expert effectively make the policy equivalent to Standards Action (or perhaps
even stricter!).  IMHO it should be changed to Standards Action.  (A
non-bitfield representation would allow a much more relaxed registration
policy.)

v2.43.4 | Report a Bug | By Email | System Status