Re: [Sidrops] Manifest entry filename validation

Stephen Kent <stkent@verizon.net> Thu, 19 November 2020 15:01 UTC

Return-Path: <stkent@verizon.net>
X-Original-To: sidrops@ietfa.amsl.com
Delivered-To: sidrops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 68F773A0A26 for <sidrops@ietfa.amsl.com>; Thu, 19 Nov 2020 07:01:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.102
X-Spam-Level:
X-Spam-Status: No, score=-2.102 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verizon.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wrOpPvfEsE6N for <sidrops@ietfa.amsl.com>; Thu, 19 Nov 2020 07:01:36 -0800 (PST)
Received: from sonic307-2.consmr.mail.bf2.yahoo.com (sonic307-2.consmr.mail.bf2.yahoo.com [74.6.134.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 494093A0D4C for <sidrops@ietf.org>; Thu, 19 Nov 2020 06:59:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=verizon.net; s=a2048; t=1605797994; bh=tVPnwqwPYZs2Q0JVQ8B8V1FdfvflZ+h45Jh8NVP0+BY=; h=Subject:To:References:From:Date:In-Reply-To:From:Subject; b=l/FBVHIzn8trzJLGOPjWQdzfdjKj6yC4ul+fqxCd4y8Tgl08basFst8SGHTFWPXC+ce64VTX6oA2NNrhsdVOlRtToiapa5/fJbLruKGXeBtk1pFDcrQWWCvAM2msewbo3dshpEus0qCt6AEU8+vU09z5eMOj6Y2c9447wVjEP4MK6Y/+c85RVPVzUARwAKm992i1ETvvqAyIt+oF1VuGBniSnhfGLWiyl1Z49JzPcD0vfq4+gSyFFIepb/InX/OaUYWdubttdRV+KHaMrHzfs4t4ePICS0vc9r94qbjXWeMu+i6NhpRoX1wsvemqz1mAgZ2gNm6ExVB/CHDqcTpSLA==
X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1605797994; bh=9jMU/QVs0nPKqhvzXiUbNVabdI0Frq2WICktAHpyAbf=; h=Subject:To:From:Date:From:Subject; b=rIZyyTp9lvp2LjxywT7I+FJshSVwisEOiPX7Qs9sUjdtBEPoKWB4NLtW4zx4m/uL9fjyNgjtMbY1RNQD5B/0H93k8CZr8ajtszZmwzlNhw8dqBDcr2KevmsKDF+AcbOQezV4pt6VQR3AEKmz500PY/Pf3dbIb0ANmsnE3oaF1ossFvD+eFYeYJN/k0W0iRhhBe6sLKHO2Y+k40a1b14SradkeYRJTLhysKkaZSYIdnGZdCBZUFtPAYIelyM6lMZAHwa4byLPxImxvbXgzFuMY/jAoO8pDXAa3//1c3OdB5j8gnU3WfLfNElN4O4x8+3e7Ejkg2AMBIs/sRJy0xoMTg==
X-YMail-OSG: HfSSntMVM1lReRab1mXhJalzJMK3QcE81i8lex3v7kZhGqQT4Io4qsYZM880ecc WDqHvUhfaa7S9k4oslk4R3EmE2wNW5CwODpwDwTx29o3gBXynzFcn7zLWvPH.CSvLF.xXiTRV.HJ hZWLOJa85jBDeEjY8IQZHlmeS2IdtqLCVXlLkr1lkY6F4YNXR30aKlSBcTE84aELZeLCINoRXxm0 WSWpzjE2kroMSHUYqIP0zSPuv4UcMJM3NXb.lIwKgV2u1AkMoehwm41nBDybtKizA5A3Nv7xTmWd 8XoBL7khhnlJCseI.C4fqRrD9vJCRkElDG1z.TSDIqjigV1ZASNZIKcshquKxZvoZ0..0J3p3U.L 3MF6rg.EMq9T8dAEUObAS7roBWJ.f9kJtUnnQVgruTckaDYjgc7799Un2r5UU0xci7Z48C.ZJffm TZbEs0nlSFMTxjBDrzMA0IW3tza.6Of0jPTDCqUGwvQ.VrUP6S8EfJ4H_6TcdCGgOS6U02KD96AQ 5EA.ln468CBzZe9uqpjXej9A_SyNh2Q9hoGVu.DUK_ZAqv..hE.RqHrDfwtZR7._A_CJpv9yOpqN fRqYyuQ7hoVIlO4Siv0ZgE6k0L2wN5L2EjDZSPfo3QkALeGAYffcyOzI9IYuFJNIb0fQB8EWXi1R Ou187m8pA8d5wjySXCINgX8CDXOXS1eWTnsWPU7IhFF_o0FIOVm9s2wwic1t51qkkOTLRUs9YbIJ vAfcC.lMLe30Q8qlWnmZOrLPOKIiPrUDZJBESBd6SNdc5cB2THL0PZVTv1x8na.EJAuhhpWWt_Sy axnKfSGtcUYHeMz8Iy5Tqa0HFxin3noNgKgnK3llZJ03wQFiwk_crj8yZ_Pex5O5MvmiPxOKWah8 yoD6F2vFr5t1SNsxHFQZB5MVWHZ73aK3RphmQCQDlY5OQjIuG8zbVGsJtvpIgnfIn1YfLcMg0HV6 TiQzRvQIOV9aRr0gLWVa4xeE0yNoP6IEUE8hFQfxHoS7JmRUb60oG97IbKAjTcGF7m8HXrWmwYch H1Shd3w8pjEC3O5KtnikVo.06_HVT1XhBHQXTDtVvps1qCHt3Xi8yXrb35..p1SMu2SM28CeGUDr C4PMHbkqcE9nhc.4IQArwW2.NmYWrzkyrX6uPzFVusPgJLS7cqrl_Fv2hEeA8BVp9t.XctAN5qmE oCtwD8qy48CG6KO1FMtxxK.72MPD4mG4.KOmqutovChkGISGe19S_86F.0jqK85WcNMAkvKyVPFb uBVvUA9GIlLsVoBij7eztUTsEj2wb5Lop33aQWiw4uAH8ZxZXbOO7Udksc1O2lRXlq1A8Q3Nx7wZ _CoXN9X9kkzM7cZdUFwLj7AlH0wEKG.lRwjOE7u8I9zw1tGn2Qu1YRCfjyl_gJtVt330F5p9nVvO aipKP2PsL4.OzdAeenc9C.WFUNfsyv1IryxiK1j32TtSQ9eN2IOv2.Iowp9pn5WHmDyhiV3QXNsu AG4.Y1peCBiZzl1yPv2y2f21UobIQ9S1p3V7fO8Mc3ogbDStdN0iLExZZn5BSNwoVvlOklRg8sql 9M7bLiybRw1Vtv1xm_rzW_sDi99nOHtwgKIaj3ieFcaQA02flQQylqV2sSs3ssNnTviC03bt9wjN 6bI.b9RBXf2s9xMtClWEaf1TLg2S2gm9CdjUsNxeXwzd3ZwvXf3GKox21j5odkUPDxk4HXFitNPy YUO6u_GQ4un2BTF9NbCQ3Osm1Fr7.i9zKCXlEwD4In7ECAi3Yab58x.R1NGQBdy_no2GqlYcM_HZ 4vJyIN9KMlnGh2uJA8l92QI4DAa6jTnZrvqe7n001v548L1RSWp65m1Oc7v5dv3DF2aYGpj8enV6 TOLqDZnDSL8pm0BB7JCjQPNKjPeDng0zIuAooYDApyMjugfzyjHCvoElrhpIEcPs.tOPQrXfhOAN KDwwy1ulfeEVvSUyOMZETWt5gKgDqtfVpFU8DA6r32dgDLcOEAOLuITq3eSxolpB0EaevQ2nYQ1M K0WqE53r_WbKWCYBKz5zkJtrOZ9m9nRTAsi1IXRYTQTVfgF_CBFRpswoZv4k6qyzDA6i0JN69Kju CggNPtxM__XqGOv5n3JK0n.coo_4O90WrwLBjCZFsihAl_xwA93m2KIr0Um7iHGvMKQwsopsCmB3 b_KOsj1Y5zAcaW9ZU5XtqT1Ht0oBzY3xv5ypi_S9.QKxGcnXrM5ukKyhABXOj8ftJQApNf6og8FX OVGPFunJ0sagAACwAN_V965PHXTJjIvpwz6wGOOGqR0iRCJrJdHF.aUJ5U8NfUk45Jn6eofJoGzI 7FwlLaJNMhLKghZw1orwmwyXFeNOQFaqIAH.e.IZkTn0pdoXJGJO2A44wFBtLTE4kuCZomC0775K svBkobHAwzDLWEHXmLTxnanD6HLYlTzFRPQhv0x.H.rliVr.nhTueMPnFHPR5VQ--
Received: from sonic.gate.mail.ne1.yahoo.com by sonic307.consmr.mail.bf2.yahoo.com with HTTP; Thu, 19 Nov 2020 14:59:54 +0000
Received: by smtp401.mail.bf1.yahoo.com (VZM Hermes SMTP Server) with ESMTPA ID 1e238646c57d11af8576078c95c6fa76; Thu, 19 Nov 2020 14:59:49 +0000 (UTC)
To: sidrops@ietf.org
References: <18CC986C-97FA-41F6-A530-F782D3104A31@ripe.net>
From: Stephen Kent <stkent@verizon.net>
Message-ID: <3078ef7c-e282-a196-9f07-21789276673d@verizon.net>
Date: Thu, 19 Nov 2020 09:59:48 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.4.3
MIME-Version: 1.0
In-Reply-To: <18CC986C-97FA-41F6-A530-F782D3104A31@ripe.net>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Content-Language: en-US
X-Mailer: WebService/1.1.16944 mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.aol Apache-HttpAsyncClient/4.1.4 (Java/11.0.8)
Archived-At: <https://mailarchive.ietf.org/arch/msg/sidrops/ScdxhlVg-nr2SeITAlaAaEBIAC8>
Subject: Re: [Sidrops] Manifest entry filename validation
X-BeenThere: sidrops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: A list for the SIDR Operations WG <sidrops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidrops>, <mailto:sidrops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sidrops/>
List-Post: <mailto:sidrops@ietf.org>
List-Help: <mailto:sidrops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidrops>, <mailto:sidrops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Nov 2020 15:01:37 -0000

Erik,

Thanks for looking into this problem and proposing a solution. I'm 
anxious to incorporate changes into the -bis version before the end of 2020.

I believe the character set restrictions are appropriate, as is 
prohibiting single and double period directory entry names, and 
mandating the presence of the 3-character suffix. I also have no problem 
with prohibiting a specific set of names, such as the Windows-centric 
ones you mention.

The proposal to prohibit entries that differ only due to capitalization 
is worrisome. All of the other syntactic tests are easy to perform on 
individual entries. This test seems to require examining all entries at 
once to detect a violation. I'd rather not include this rule, because of 
the added complexity. Would folks like to mandate use of only upper or 
lower case characters as an alternative?

Steve