Re: [stir] "rcdi" vs MIME Content-Encoding

Alec Fenichel <alec.fenichel@transnexus.com> Mon, 01 April 2024 21:17 UTC

From: Alec Fenichel <alec.fenichel@transnexus.com>
To: Ben Campbell <ben@nostrum.com>
CC: IETF STIR Mail List <stir@ietf.org>, "Peterson, Jon" <jon.peterson@transunion.com>, Chris Wendt <cwendt@somos.com>
Date: Mon, 01 Apr 2024 21:17:20 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/Bxd1zojUDE1Ea-sYPEYNznay1i8>
Subject: Re: [stir] "rcdi" vs MIME Content-Encoding

Ben, 

I had not thought about this until you sent this email and this is an important point, so I think it should be clarified. 

Sincerely, 

Alec Fenichel 
Chief Technology Officer 
TransNexus <https://transnexus.com/> 
alec.fenichel@transnexus.com <mailto:alec.fenichel@transnexus.com> 


+1 (404) 369-2407 <tel:+14043692407> 

From: Ben Campbell <ben@nostrum.com>
Date: Monday, April 1, 2024 at 17:09
To: Alec Fenichel <alec.fenichel@transnexus.com>
Cc: IETF STIR Mail List <stir@ietf.org>, Peterson, Jon <jon.peterson@transunion.com>, Chris Wendt <cwendt@somos.com>
Subject: Re: [stir] "rcdi" vs MIME Content-Encoding 

Yeah, I was just thinking that after sending the question.

Does draft-ietf-stir-passport-rcd need to say something about Content-Encoding? Or is that sufficiently understood by everyone (other than myself)?

On Apr 1, 2024, at 3:29 PM, Alec Fenichel <alec.fenichel@transnexus.com> wrote:

It needs to be the decoded data. At the time the rcdi is sent, the content encoding is not necessarily known. A web server may support multiple content encodings and return the best encoding supported by the client (indicated by the Accept-Encoding header).

Sincerely,

Alec Fenichel
Chief Technology Officer
TransNexus <https://transnexus.com/>
alec.fenichel@transnexus.com
+1 (404) 369-2407

From: stir <stir-bounces@ietf.org> on behalf of Ben Campbell <ben@nostrum.com>
Date: Monday, April 1, 2024 at 16:21
To: IETF STIR Mail List <stir@ietf.org>
Cc: Peterson, Jon <jon.peterson@transunion.com>, Chris Wendt <cwendt@somos.com>
Subject: [stir] "rcdi" vs MIME Content-Encoding 

Hi,

In thinking about the “rcdi” hashes and RCD “icn” keys:

What if the target has Content-Encoding? Would the “rcdi” hash be over the raw or decoded data?

For example, let's say that I get the following headers when dereferencing the “icn” key:

Content-Type: image/svg+xml
Content-Encoding: gzip

Should the “rcdi” hash be over the compressed or uncompressed version of the data? I assume since draft-ietf-stir-passport-rcd-26 does not mention content-encoding, that the hash would be over the actual octets we get back on the wire prior to decoding.

But I see that RFC 9399 (Certificate Logotypes), which seems like a similar-if-not-identical application, says the opposite for this specific example:

Whether the SVG image is GZIP-compressed or uncompressed, the hash value for the SVG image is calculated over the uncompressed SVG content with canonicalized EOL characters, as specified above.

Thoughts?

Thanks!

Ben.
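
Added example, not part of the original thread or of any STIR draft: a verifier-side check that follows the position stated in this thread, hashing the decoded octets so the digest is the same whichever Content-Encoding the server negotiates. The `sha256-<base64>` digest form, the 1 MiB cap, the function names and the sample SVG are assumptions made for illustration.

```python
import base64
import gzip
import hashlib
import zlib

MAX_DECODED = 1 << 20  # assumed cap (1 MiB) on the decoded resource size

def decode_body(body: bytes, content_encoding: str = "") -> bytes:
    """Undo the Content-Encoding chain, refusing oversized or truncated data."""
    codings = [c.strip().lower() for c in content_encoding.split(",") if c.strip()]
    for coding in reversed(codings):  # header lists codings in the order applied
        if coding == "identity":
            continue
        if coding in ("gzip", "x-gzip"):
            dec = zlib.decompressobj(16 + zlib.MAX_WBITS)
        elif coding == "deflate":
            dec = zlib.decompressobj()
        else:
            raise ValueError(f"unsupported Content-Encoding: {coding}")
        body = dec.decompress(body, MAX_DECODED + 1)
        if len(body) > MAX_DECODED:
            raise ValueError("decoded body exceeds size cap")
        if not dec.eof:
            raise ValueError("truncated compressed body")
    return body

def rcdi_digest(data: bytes) -> str:
    """Digest string in the assumed 'sha256-<base64>' form."""
    return "sha256-" + base64.b64encode(hashlib.sha256(data).digest()).decode("ascii")

def verify_icn(body: bytes, content_encoding: str, expected: str) -> bool:
    """True only if the decoded octets match the expected "rcdi" digest."""
    try:
        decoded = decode_body(body, content_encoding)
    except (ValueError, zlib.error):
        return False
    # Base64 padding is ignored on both sides (assumption about how it is written).
    return rcdi_digest(decoded).rstrip("=") == expected.rstrip("=")

# Constructed sample data: a tiny SVG and the same resource as served with gzip.
SVG = b'<svg xmlns="http://www.w3.org/2000/svg" width="1" height="1"/>\n'
WIRE_GZIP = gzip.compress(SVG)
EXPECTED = rcdi_digest(SVG)  # what the signer would place in "rcdi" for "icn"

if __name__ == "__main__":
    print(verify_icn(SVG, "", EXPECTED))            # identity response
    print(verify_icn(WIRE_GZIP, "gzip", EXPECTED))  # gzip response
    print(rcdi_digest(WIRE_GZIP) == EXPECTED)       # hash of the wire octets
```

A verifier that hashed the wire octets instead would accept or reject the same resource depending on which encoding the server happened to return.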