IETF Logo Mail Archive

Re: [Sidrops] I-D Action: draft-ietf-sidrops-6486bis-06.txt

Ben Maddison <benm@workonline.africa> Sat, 09 October 2021 15:22 UTC

Return-Path: <benm@workonline.africa>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3239E3A09D9 for <sidrops@ietfa.amsl.com>; Sat, 9 Oct 2021 08:22:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=workonline.africa
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TY02M4muvXkg for <sidrops@ietfa.amsl.com>; Sat, 9 Oct 2021 08:22:30 -0700 (PDT)
Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05on2074.outbound.protection.outlook.com [40.107.22.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 30D293A0983 for <sidrops@ietf.org>; Sat, 9 Oct 2021 08:22:28 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=EC3FNAKnCgRYl2mRbHq5jDJPC5MTcNO2w4WdxI2wKEVJ6jRsE2b+HcqCmmaR9bFBOTeG0l+xMuJPr4JtcC6dcENyEtofO0f2hJayO0nC++LtzG4T+OuQlYFxagmzphgYJ5OKbx8wfbtm1IANdmR4kaTcIH6mECfeyLzNBcfIhWuBBOcKubkerMXieDTj3VRkug2F726+mbnzQVNSEhV8rsT3wpOc0T5mbWVyzxdOEbUlJomNF3LGD6rQDCfqW/8jXko+MNXL0AYfdLzJT9bmVGVGo0mNX9zC4mW8jxIswf9PKL0hY7VkNu3bIHxcn/XJCU/XjjDcGTL4VLmToI3/LA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=GqyXrgqPvsFo+GZkfsh+X6qzOvb1AWBLFIKhnp/RGSw=; b=VlfuY/1z98CG6WhktAoAmX//dyfuFNSqySL1Bqj2gzRnYq8DyH2YLruVGMu07eplP6iHgPXvNnUh7ytxcPlnDWXuzXLIvpUSaXeNbpqgxprQzunVnitzpooKf3EPVM+hK4e0IQhndUVh4p5/voqgyyAj1DnP/SBIlczP3N0VbjoUvdcm1hksraLGVwrd0rMw6g+U8HNQa9DhRQreysD7ADHVPQfaJCM587d0MUfwAwIBvDcDSmjUNDToJmidN4pvIPesTBNunzkzrYlNi3f9wT1b+56DtlNw4+sDvgJ4cOIoEP2hZ3qzHsU+srExeD1YaDSaozS6BgKO3/cuYKAqZw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=workonline.africa; dmarc=pass action=none header.from=workonline.africa; dkim=pass header.d=workonline.africa; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=workonline.africa; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GqyXrgqPvsFo+GZkfsh+X6qzOvb1AWBLFIKhnp/RGSw=; b=frD2Hygzsbgd+BL+KTKNq5SGaF3E3SnbMV0/q4KY3HUIEVFqF9I/fPw/50PRCKpT60iUYtwVx7OTHTKLroowqdsLt14UIhosfK44gU44aXcqa89rYpLI67zRNZqPaOuTfU2oEtargjyGe6TrsSYy42DhjVSt2qFh08SkZcnNGhk=
Authentication-Results: vigilsec.com; dkim=none (message not signed) header.d=none;vigilsec.com; dmarc=none action=none header.from=workonline.africa;
Received: from AS8P190MB1078.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:2e7::13) by AS8P190MB1366.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:2e0::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.19; Sat, 9 Oct 2021 15:22:25 +0000
Received: from AS8P190MB1078.EURP190.PROD.OUTLOOK.COM ([fe80::15f5:8c34:b1be:6006]) by AS8P190MB1078.EURP190.PROD.OUTLOOK.COM ([fe80::15f5:8c34:b1be:6006%7]) with mapi id 15.20.4587.025; Sat, 9 Oct 2021 15:22:25 +0000
Date: Sat, 09 Oct 2021 17:22:17 +0200
From: Ben Maddison <benm@workonline.africa>
To: Russ Housley <housley@vigilsec.com>
Cc: SIDR Operations WG <sidrops@ietf.org>, Steve Kent <stephen.kent@verizon.net>, Tim Bruijnzeels <tim@nlnetlabs.nl>
Message-ID: <20211009152217.f4qub4txmtptrefr@benm-laptop>
References: <20210930171302.m7b5utqceotecooc@benm-laptop> <B2E57F08-CA61-4713-BFAE-6D36B20EA1D2@vigilsec.com> <20210930205213.kzwpn3e4ft3q33a6@benm-laptop> <F32DADF2-48C1-4CE7-AC4F-5ADB01C0C224@vigilsec.com> <F069C65C-2BD2-4DD7-9CDB-96DBAA122CD1@nlnetlabs.nl> <AF18F2E7-D16D-4352-8D2C-E9B6D2DE9271@vigilsec.com> <4E8ED276-A8A2-42FC-B0ED-9BB1EEB0C0BF@nlnetlabs.nl> <90554F86-FA27-4364-B13D-BBE7CA4885B1@vigilsec.com> <20211008075333.muhym3dbscuqmafu@benm-laptop> <26BD1B09-9EC6-44F9-B6F9-E4E8EEA1C640@vigilsec.com>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="g5y2jgvucvtcq7wh"
Content-Disposition: inline
In-Reply-To: <26BD1B09-9EC6-44F9-B6F9-E4E8EEA1C640@vigilsec.com>
X-ClientProxiedBy: CT2P275CA0007.ZAFP275.PROD.OUTLOOK.COM (2603:1086:100:b::19) To AS8P190MB1078.EURP190.PROD.OUTLOOK.COM (2603:10a6:20b:2e7::13)
MIME-Version: 1.0
Received: from localhost (105.233.97.54) by CT2P275CA0007.ZAFP275.PROD.OUTLOOK.COM (2603:1086:100:b::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.24 via Frontend Transport; Sat, 9 Oct 2021 15:22:24 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 5d247f6f-8858-4b8a-08b9-08d98b3898b1
X-MS-TrafficTypeDiagnostic: AS8P190MB1366:
X-Microsoft-Antispam-PRVS: <AS8P190MB13665F03C07D8B496DB3A487C0B39@AS8P190MB1366.EURP190.PROD.OUTLOOK.COM>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508;
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: fn4nv3fzHsSBXAy1Kw6y1E8f88p1Pf9xLgeGIH2+Kbl2K9lPWEgU3fV3/LgRpg4zRSqUZelQKHasi8kezXQ1uu5D/+J3G89xLSdrwngXzMQzKviQ2LgsIoyPE1fy3JFi8GHZ7rfMGpJIg2eeiJvXzBM+H9K2S6/iDPCe2Zj4GPAhkX2wdPKFpTONVuQvi+rJ/N4gGuU4XFpg5n2dA2YCnLXzemaHO7fsAmo12PxUCxaqmedLRoKJ8VxtyMc1mF1kBeNDHnyKL/cvyVYl0FE0eU8OZUH5VHA7uLu2/xFjJH4vn71ID5cj1tIJYUS6hn46pi1M0sZIZ1c0G7iA40gBjjF+CLj2cmyBs3RSBN1uwAsVGxTkQBjIq64EWdFQrnlamOU6SlSd8zA4SmABUmMcUjfsJzVYCTpGEarccwcx6aijMTdnzV6YCia3BvTj9dBNQuTjUPce78ad/aeBOIjUMMok51BbEFP+CR0H3T4XytqRkf1jddALh61GX6DUvTJvPu+9KZ5AuQaniu4dkjHz1LBIwh34oYo3H4pCqvvyu+DJZuBxNLyDOkXpBs+OL8hawQsFXcr0RWRI55DwSpTzy/dLBgJSbYnxVVUUpubgJwrnO3F5ZiPIhlw8VapJX323tY4t1sBbwPuKHbS0FdYvwvUKsO7sr/ZFfCZwphNqhfXclwIR5kZMYSEP4pZJZ89/V4Gxf8svw4tOt/Z/nU1Tonl1W5+nKgIFhi/+jIJrUYsgBkNXaxEv2iHT9ezL7mNu
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AS8P190MB1078.EURP190.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(7916004)(396003)(376002)(39830400003)(136003)(346002)(366004)(9686003)(54906003)(83380400001)(2906002)(316002)(956004)(186003)(8676002)(21480400003)(66476007)(66556008)(66946007)(6496006)(52116002)(4326008)(26005)(38350700002)(6916009)(38100700002)(5660300002)(86362001)(508600001)(8936002)(44144004)(33716001)(1076003)(6666004)(6486002)(46492013)(2700100001); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: wqDh4tQQFNmK3S++0JIIXLXWJf28p+KYRfEa9zKr4SWNEJfc+nJYnCDj5mTHeDsRdzAXJLUpD18EO136v84pABIdqIB7NjR9mLE5byOAZeRh5uRs3vJA7d9ZWc7mPem1iO57aEBvfPze92L0nTH1aexpV9NJi8wriIiAoymlciQ43YIMDm8Qn+38DvVMQi8JThIL5K3keEX2HL99DD+rsH/LxeNxiYGMT6Pfg58K1IZ9Lzu2/S3cSPeKqtg6agfqTmlcadpE1wMHWNELhMIuAjV/L/tBlu/uGVFN5EYrwgpYqgmouE990FGko+V97jPgoAzOaXPsoi6N6F6ByutRm5AFujZmJEYEHCh1rU/EamaLarH70ct2zvSzHDfLk3cxnKi9YrR7FPhPwJzY3Thso2dXERDUoIOIP+ZdOWerWSbh3/Lc/1RELlSI9e2uGjHFpIN9O+6pcr0xVIFbFKJ95p/ZqLsBxeePsdOd14iEqbkpXsUerEpjfHnRNnNRGlJqUThkGIaqB21UIYUoqDwqgezkBKi4YR9ytNQoGrWEx/YfvU3BvknaD4533/bS1MIG5Ol54W4XXvwbjqUrDcibSEpzEAURD3cH4WRiCXrf5tXO9f1L3oWpDGOOXAPx3KMr0c41AE80y6Hl+Mlw7pxMENncRswFtWKQzM5mz2DTa9cYlD5ksRbsfGdPMCcW/uCH454BgroQ9Hitt5+BqUMmmAitSMWrJ07xmCc0lRJUGzf/p64CC7YHrp7HUJRDhdXOs6gRB7rRm1dj/+4TAAbdUcy6C94Y1a6nbDoFR59pctwlW1yJ2s4iwXbwlJIgbcyEpdXq7KA1ysRVRlm0UynbBxIniEQhmIrON1mq3u1nuACLa9iOqDVwUMKqlY3O5MNZ7Dut+JVB8z+QJrA07ysaiiOseFpA+JVoGWi4fBPhOCO4Fed4WaUq9SmhYSjeuZ4i7/3eL1tMEgkXWKVqYW6CeUgwxRfXrlmJ7PIGCTtJogbVVoK3RiG8NiiBVD63u9VjcQxXYcVv0y7xRLtajHFkDpnNf1qXdZrPRKsExJrcXp0aHps3BY3ILDl4QU3zumowkA2pSlKao7FpPQTJ12FSgEn0U7OawbF1WnGqsGKnq4eaPaUIwTS1vR/EsJtkiYbCywVr8eJLFqpcvmGXPhZ9pufR20P/Nc1yg+CQMkoE9W0f4KDuccAqgWxg6LbCqg13odeWy8IJcDXZ1sdc6Sz0eeqiRPA/9KQkI6f0xXrO5kLBzPN98RGGTnzItmVfAofpZoShw4D+Deut/URzLfqzgS1XEaF5pwgNK8ammryKbzh/pqMz0alRk2A1Tni+H+JA
X-OriginatorOrg: workonline.africa
X-MS-Exchange-CrossTenant-Network-Message-Id: 5d247f6f-8858-4b8a-08b9-08d98b3898b1
X-MS-Exchange-CrossTenant-AuthSource: AS8P190MB1078.EURP190.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 Oct 2021 15:22:24.9139 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: b4e811d5-95e8-453a-b640-0fba8d3b9ef7
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 8XbkXAloOUgPsI74at+KFA9ajj6fOe7zZBq0tz47m0NoQrJMYRGQCgxEsHNrW/RDL/YN6+5say6K6Jx52nRY/g==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS8P190MB1366
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/RjZd5Yh87-VOgAUB1F0MnPEWKXs>
Subject: Re: [Sidrops] I-D Action: draft-ietf-sidrops-6486bis-06.txt
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Oct 2021 15:22:37 -0000

Hi Russ,

On 10/08, Russ Housley wrote:
> Ben:
> 
> Different ASN.1 libraries are better at checking various constraints.
> 
> For example, in pyasn1, these two are equivalent:
> 
>    ver = rfc5280.Version(2)
>    ver = rfc5280.Version('v3')
> 
> However, it does not complain if a value that does not have a name is
> encoded.  That is, it just uses the named values as a more readable
> way to set specific INTEGER values.
> 
Yup. But it was not accidental that I didn't use python for my example!

> <snip/>
> 
> I think all of them are roughly the same to implement, but I tend to
> like the ability to talk about values like "v2" in the text.
> 
I absolutely agree in the case that one implements the necessary data
structures by hand.

However an ASN.1 compiler will usually generate the implementation for
you, and will need to choose how to represent the ASN.1 types in the
language's native types.

My point was that we (module authors) should consider the hints that we
give to compilers in order that they can make good choices.

Cheers,

Ben

v2.23.0 | Report a Bug | By Email