Re: [lamps] Barry Leiba's No Objection on draft-ietf-lamps-rfc6844bis-06: (with COMMENT)
Jacob Hoffman-Andrews <jsha@eff.org> Thu, 30 May 2019 22:48 UTC
Return-Path: <jsha@eff.org>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 89DA3120256; Thu, 30 May 2019 15:48:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.426
X-Spam-Level:
X-Spam-Status: No, score=-7.426 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.415, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=eff.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qzQU8DXxDYkU; Thu, 30 May 2019 15:48:21 -0700 (PDT)
Received: from mail2.eff.org (mail2.eff.org [173.239.79.204]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1198D120259; Thu, 30 May 2019 15:48:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=eff.org; s=mail2; h=Content-Transfer-Encoding:Content-Type:In-Reply-To:MIME-Version: Date:Message-ID:From:References:Cc:To:Subject:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=f47U5BuBcfsNnht+LNqITBWDROfRSmMGIF5S2eJA0nM=; b=pGVTmeXItMPfPW+uT3pRKlLBL/ VbZ4syQn/R3XcSjQnBuL39WqDiSVwTZ69b0J/cWhGY1meXYR8juRIbypRIV8DSFE6UeJOQjmJnyOM CN+f8L1UvqXYB3oVQtMFAcLzX5Y8FBUbXFv1jJ2GDGAJzoTdni3aNVyLmRdFlFC5CqSY=;
Received: ; Thu, 30 May 2019 15:48:19 -0700
To: Barry Leiba <barryleiba@computer.org>, The IESG <iesg@ietf.org>
Cc: spasm@ietf.org, Russ Housley <housley@vigilsec.com>, draft-ietf-lamps-rfc6844bis@ietf.org, lamps-chairs@ietf.org
References: <155903558962.25769.15348770094720924209.idtracker@ietfa.amsl.com>
From: Jacob Hoffman-Andrews <jsha@eff.org>
Message-ID: <28595623-ef90-4025-3189-4c52d5714819@eff.org>
Date: Thu, 30 May 2019 15:48:18 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <155903558962.25769.15348770094720924209.idtracker@ietfa.amsl.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/dOuOatG-1MvpUDmlvugreaJqY0U>
Subject: Re: [lamps] Barry Leiba's No Objection on draft-ietf-lamps-rfc6844bis-06: (with COMMENT)
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 May 2019 22:48:26 -0000
> — Section 4.1 — > > Tag Length: A single octet containing an unsigned integer specifying > the tag length in octets. The tag length MUST be at least 1 and > SHOULD be no more than 15. > > What happens if it’s more than 15? What’s the interoperability issue, and how > would an implementor decide what to do with this requirement? Good point. Removed the <15 suggestion. > > Tags MAY contain US-ASCII characters 'a' through 'z', 'A' through > 'Z', and the numbers 0 through 9. Tags SHOULD NOT contain any other > characters. Matching of tags is case insensitive. > > Why “SHOULD NOT”, rather than “MUST NOT”? Why might my implementation need to > use other characters, and what are the interoperability consequences of doing > so? Changed to MUST NOT. > — Section 4.1.1 — > > Tag: Is a non-zero sequence of US-ASCII letters and numbers in lower > case. > > Make it “non-zero-length”. Done. > > -- Section 4.4 — > > The iodef Property Tag takes a URL as its Property Value. The URL > scheme type determines the method used for reporting: > > I presume that *only* the specified schemes (mailto, http, https) are allowed; > it would help to be explicit about that, lest someone get ideas to use sip or > some such. Done. > > — Section 5.6 — > > In practice, such an attack would be of minimal effect since any > competent competitor that found itself unable to issue certificates > due to lack of support for a Property marked critical SHOULD > investigate the cause and report the reason to the customer. The > customer will thus discover that they had been deceived. > > This doesn’t strike me as a BCP 14 “SHOULD”, but a normal English “should”. Done.
- [lamps] Barry Leiba's No Objection on draft-ietf-… Barry Leiba via Datatracker
- Re: [lamps] Barry Leiba's No Objection on draft-i… Jacob Hoffman-Andrews
- Re: [lamps] Barry Leiba's No Objection on draft-i… Barry Leiba