Re: [stir] Proposal for update of erratum #6519

Roman Shpount <roman@telurix.com> Tue, 20 April 2021 15:06 UTC

Return-Path: <roman@telurix.com>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D8E783A271E for <stir@ietfa.amsl.com>; Tue, 20 Apr 2021 08:06:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=telurix-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y9UPwuthKYjP for <stir@ietfa.amsl.com>; Tue, 20 Apr 2021 08:06:24 -0700 (PDT)
Received: from mail-qt1-x831.google.com (mail-qt1-x831.google.com [IPv6:2607:f8b0:4864:20::831]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9E5573A2756 for <stir@ietf.org>; Tue, 20 Apr 2021 08:06:24 -0700 (PDT)
Received: by mail-qt1-x831.google.com with SMTP id m16so28238935qtx.9 for <stir@ietf.org>; Tue, 20 Apr 2021 08:06:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telurix-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Mq85YShRujDhDrmNlc8MSi+kXAN4U/Um3gASCI7ZtSA=; b=ymBkyFZQGvrCHwg6QTALBHf9boRkTst+60BwltMmqKFgMZzX2nN7MxweqUd6oCPA+u KlgifY1CJGj/NBHejHEXjcgQA7c258NYd/1DhRVLQVYDmO7N9RuVhKhYqI+j2OMA1oIC RmurgEEYVUicFY18heNFaykHvVf81C7O+4Z6QpDWQGirDu0bUqJf2RLOKeN2GezEIk+P 9XYbvxL0S4gb6NbhfBvrxrKMdwP/wdPd32qgBrp/9rxJ5ncJSmZmX4I76wcnxFdl4I1l +PZd/R1/OhJUsX19dPcJydDbwYsn1nK4Upq/MRF0v+wfTk7t7FPevWn9nY2HqnM4zk9s oT7g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Mq85YShRujDhDrmNlc8MSi+kXAN4U/Um3gASCI7ZtSA=; b=NQm4PQR1OIonGmTZ0X7M4c71gQPnOBQSHE4w4SvlcHJAo2n9/QRxdLYa5oSMnH61Ua WI90Jvz+fkAV/iTd8NBRkGc9Qi0JcRLkU/zW3YGWqgWDZhbH4rMDaJk507nPHGcXyxcG K/C1z+EghzIuPXPQT5s+AVj9X5+opv5A6vUXN3F1c1Y394Sm6SFdlaR5sWacZlgGfxKn tZIBLDoCd5hWBPBAaJM0Vyrs0qfbAacopk15Li28hZy0lAl0Lf/BBP9LL4WT1WeAwnbo /VJqxpS1px0uLmP3SsGaQmMRUpaJK37U5JFzhD00RxhFYH4w9aPhhvSr10jdEIvbEk+a lJJA==
X-Gm-Message-State: AOAM531lOdkFdBDSHqwkI00JEJnchl40jQWLKHRt/IXr7V+69gfhikgI eUXk1nbQ1IFMyPOhnhvljTVdTojZxVBEVw==
X-Google-Smtp-Source: ABdhPJxUleiIRGPsZGdDM9SC+uLP2/KjAziSixP7pA+i0NrthpxLk+Nfu5J1+JiQ8R01XbJ0Gpgnyw==
X-Received: by 2002:a05:622a:138b:: with SMTP id o11mr1357130qtk.170.1618931180732; Tue, 20 Apr 2021 08:06:20 -0700 (PDT)
Received: from mail-yb1-f179.google.com (mail-yb1-f179.google.com. [209.85.219.179]) by smtp.gmail.com with ESMTPSA id w5sm12278278qkc.85.2021.04.20.08.06.20 for <stir@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 20 Apr 2021 08:06:20 -0700 (PDT)
Received: by mail-yb1-f179.google.com with SMTP id x76so33359041ybe.5 for <stir@ietf.org>; Tue, 20 Apr 2021 08:06:20 -0700 (PDT)
X-Received: by 2002:a25:5883:: with SMTP id m125mr24523861ybb.171.1618931178768; Tue, 20 Apr 2021 08:06:18 -0700 (PDT)
MIME-Version: 1.0
References: <42e964d3-2a16-660b-f8b4-fd9daedad115@petit-huguenin.org> <AM0PR07MB38604255784FF9E621257B2D93499@AM0PR07MB3860.eurprd07.prod.outlook.com> <3d8e2fce-d124-99b9-e295-734a36ad564a@petit-huguenin.org> <7558AA11-A7F9-4091-BFD3-F42C742AABAE@vigilsec.com> <167dde10-f242-2b6f-a7ce-96991158589a@petit-huguenin.org> <CAD5OKxvkN+BSY0XuBmfApDDWOLhqCLLFuQgVQryE+yHUftWs4w@mail.gmail.com> <15fc4a20-b5c8-cd27-b30e-76e1f479b4ff@petit-huguenin.org> <CAD5OKxvmvmotpxB8BGJfqRrVTjEGKQkQRow37gmwRMFaBGjEoA@mail.gmail.com> <DF470A3C-6033-48F4-8A61-3442C5DD2239@team.neustar>
In-Reply-To: <DF470A3C-6033-48F4-8A61-3442C5DD2239@team.neustar>
From: Roman Shpount <roman@telurix.com>
Date: Tue, 20 Apr 2021 11:06:06 -0400
X-Gmail-Original-Message-ID: <CAD5OKxtQ=f9_1s20-W1h5dXvfMd7fHehbSunX5hye5jxv4moMw@mail.gmail.com>
Message-ID: <CAD5OKxtQ=f9_1s20-W1h5dXvfMd7fHehbSunX5hye5jxv4moMw@mail.gmail.com>
To: "Peterson, Jon" <jon.peterson@team.neustar>
Cc: Marc Petit-Huguenin <marc@petit-huguenin.org>, IETF STIR Mail List <stir@ietf.org>, Russ Housley <housley@vigilsec.com>, Christer Holmberg <christer.holmberg@ericsson.com>
Content-Type: multipart/alternative; boundary="000000000000d3f3d205c068c966"
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/AVx-paVhfUsvyZXlVKbJnIpSFeI>
Subject: Re: [stir] Proposal for update of erratum #6519
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Apr 2021 15:06:30 -0000

On Tue, Apr 20, 2021 at 10:46 AM Peterson, Jon <jon.peterson@team.neustar>
wrote:

>
>
> Inline.
>
>
>
> *From: *stir <stir-bounces@ietf.org> on behalf of Roman Shpount <
> roman@telurix.com>
> *Date: *Monday, April 19, 2021 at 6:57 PM
> *To: *Marc Petit-Huguenin <marc@petit-huguenin.org>
> *Cc: *IETF STIR Mail List <stir@ietf.org>rg>, Russ Housley <
> housley@vigilsec.com>gt;, Christer Holmberg <christer.holmberg@ericsson.com>
> *Subject: *Re: [stir] Proposal for update of erratum #6519
>
>
>
> On Mon, Apr 19, 2021 at 7:56 PM Marc Petit-Huguenin <
> marc@petit-huguenin.org> wrote:
>
> A literalist.  Fantastic.
>
>
>
> That was not my understanding.
>
>
>
> We can go back to the recording to check on the decision.
>
>
>
> More importantly, what is the normative strength of "be tolerant to the
> absence of quotes when receiving"? Is this MUST accept quotes? SHOULD
> accept quotes?
>
>
>
> In the sentence "Implementations SHOULD use quotes around the token when
> sending", what would be the valid use cases when implementations are
> allowed not to use quotes?
>
>
>
> My understanding is that SHOULD implies well know exceptions.
>
>
>
> The exception we are aware of is that implementations exhibiting this
> behavior exist. It is, in other words, for backwards compatibility reasons.
>
>
>
> Regardless of what the recording says (we were kinda all over the place,
> if I recall), I think I agree that the right semantics are that you MUST
> accept quoted and unquoted, and SHOUD send quotes (the exception to the
> SHOULD being backwards compatibility). If we said you MUST send quotes,
> well, then implementations that don’t are violating the spec. As you
> pointed out, it’s kind of a mixed bag at the moment out there in terms of
> where implementations are.
>
>
>
Then we should say this in the text. Something like:

Implementations SHOULD use quotes around the token when sending and MUST
accept the token with or without the quotes around it. There are existing
implementations of this specification that send the ppt value without the
quotes, and such behavior is allowed for legacy interoperability reasons.

P.S. I know I am in the minority here, but I think values should be sent
without quotes. The main reason is that, in this case, the syntax reflects
the value content. By seeing the value without the quotes in the message,
it is understood that it is a token, spaces and special characters are not
allowed there, and the comparison is not case-sensitive. When the value is
in quotes, there is an assumption that this is a quoted string. Even though
the standard still defines this as a token, an extra step is required when
interpreting the message.

This entire thing reminds me of (sorry for the unrelated quote):

But I was thinking of a plan
To dye one's whiskers green,
And always use so large a fan
That it could not be seen.
_____________
Roman Shpount