Re: [stir] Proposal for update of erratum #6519 - ppt syntax

Christer Holmberg <christer.holmberg@ericsson.com> Wed, 21 April 2021 19:40 UTC

Return-Path: <christer.holmberg@ericsson.com>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C7D213A3417 for <stir@ietfa.amsl.com>; Wed, 21 Apr 2021 12:40:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WofcMPv4uLXQ for <stir@ietfa.amsl.com>; Wed, 21 Apr 2021 12:40:40 -0700 (PDT)
Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-eopbgr60045.outbound.protection.outlook.com [40.107.6.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0AD123A3406 for <stir@ietf.org>; Wed, 21 Apr 2021 12:40:39 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=KNvPGoG2LQ3iA8kpq+RHBmssxEaiStgjDoa+kKelvxGLpy6/V+SMUNXfll7TMl2cnk6s0u6vASEYt+V5rP9oAW2pIBo+MjtFvRpOElx122FMvmIYh/t6+O2V9aAvAGVp+9ihn7ouKaP6zG1saraJOwtiwE+7UKJ+eYHvjEckbVhN9nH1EWwdRBtgElzl0Dql1ae/bl/gP2f+GTk0avFuRd59yMyTlpCx+sbyaFJ91xNKH8cx/Yor+JB0ZfhR3hB6ARdihGyCI0IifibfXYMLMO7f5/qk9egsI+o7tPO2RhZ+lc7BKgx6aFLlHJU3vz4trclSbqsWyoNsd4XR5e4C3g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=fNcbQ1UyzYCLcw58Xy/9+TQ85QEwjsA/M49WHNEhyBA=; b=SbOLsRebf8Nn+ZS0t1tJXBoJGpNXHiWeOevK4odFcLcJrVHvXJQw/W0jRy1fv7IPHmSWc0lGm+bx5lNi8sui04zcNydShDufCdmr28gixM103eCKJJf3QfRniUKIqglsm3CG6B2SLmuYmnLZngKsR7FcwiUV9AuZHDW0UqSErBEiD2Xu1D9Dm9B1QfppJ/8TIeXPJiCvhrQ9x2EX3gK/l3fRSr43NuNXLnJX50AMrTE/PWY/GMz/szT/3KRdATCaH4X74We1e7NE3qxm/XSQ6u1pag1KJNGuh2WKfYgpbzhn7pVXaA7n66q9K9JRKSLzN0+gvWJhPNIsoZa2Z6QtRg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=fNcbQ1UyzYCLcw58Xy/9+TQ85QEwjsA/M49WHNEhyBA=; b=fdUwF5NDupeaFY9K1BHEF8Rs9ItLhZABbZ2CwKgPeD8x8KZL5tszIr+PvbrpljmkJS0OtG3kejuwjeW8oBR0Z03Bro5s/sIQyyp+jGpTodUI9Rpu++KheEe7CUyBNrz7HizeEKsq9mqtUZ3hpE3RbV+vd9Ecu5KrxdiIiyUInhs=
Received: from AM0PR07MB3860.eurprd07.prod.outlook.com (2603:10a6:208:4c::18) by AM9PR07MB7154.eurprd07.prod.outlook.com (2603:10a6:20b:2cd::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4065.6; Wed, 21 Apr 2021 19:40:37 +0000
Received: from AM0PR07MB3860.eurprd07.prod.outlook.com ([fe80::b10f:ebc0:80d:db2]) by AM0PR07MB3860.eurprd07.prod.outlook.com ([fe80::b10f:ebc0:80d:db2%7]) with mapi id 15.20.4065.021; Wed, 21 Apr 2021 19:40:37 +0000
From: Christer Holmberg <christer.holmberg@ericsson.com>
To: Marc Petit-Huguenin <marc@petit-huguenin.org>, Roman Shpount <roman@telurix.com>, Russ Housley <housley@vigilsec.com>
CC: IETF STIR Mail List <stir@ietf.org>
Thread-Topic: [stir] Proposal for update of erratum #6519 - ppt syntax
Thread-Index: AQHXNtcvUG/+DAdI8keN0d4fbvY9Faq/Ri0AgAAXvuk=
Date: Wed, 21 Apr 2021 19:40:37 +0000
Message-ID: <AM0PR07MB3860EC9A134E1ECFBB1567E093479@AM0PR07MB3860.eurprd07.prod.outlook.com>
References: <42e964d3-2a16-660b-f8b4-fd9daedad115@petit-huguenin.org> <AM0PR07MB38604255784FF9E621257B2D93499@AM0PR07MB3860.eurprd07.prod.outlook.com> <3d8e2fce-d124-99b9-e295-734a36ad564a@petit-huguenin.org> <7558AA11-A7F9-4091-BFD3-F42C742AABAE@vigilsec.com> <167dde10-f242-2b6f-a7ce-96991158589a@petit-huguenin.org> <CAD5OKxvkN+BSY0XuBmfApDDWOLhqCLLFuQgVQryE+yHUftWs4w@mail.gmail.com> <15fc4a20-b5c8-cd27-b30e-76e1f479b4ff@petit-huguenin.org> <CAD5OKxvmvmotpxB8BGJfqRrVTjEGKQkQRow37gmwRMFaBGjEoA@mail.gmail.com> <C0445D51-3AA5-40B3-8F75-0A1A446A5BF8@vigilsec.com> <CAD5OKxtiAtzC9Ma=cjSzksftkaXA31vahNv8gCTRy0ffxyu2AA@mail.gmail.com> <AM0PR07MB3860256D7A5910EFF821A58993479@AM0PR07MB3860.eurprd07.prod.outlook.com>, <0a9d718c-e1d0-4100-feb9-0324451b008f@petit-huguenin.org>
In-Reply-To: <0a9d718c-e1d0-4100-feb9-0324451b008f@petit-huguenin.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: petit-huguenin.org; dkim=none (message not signed) header.d=none;petit-huguenin.org; dmarc=none action=none header.from=ericsson.com;
x-originating-ip: [194.157.44.197]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 35c6d72c-2e95-4e13-0454-08d904fd5694
x-ms-traffictypediagnostic: AM9PR07MB7154:
x-microsoft-antispam-prvs: <AM9PR07MB715426377615E8FFF35DD1A493479@AM9PR07MB7154.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:6790;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: poX0xjoqgTsTUk0dV6h0BXi/tXSjauF8ooRywohDEQfGTJklUucDnKDqaai4v3Ht49DiG33Rx0RQYgYLrteGMSqUNoZFlSQnPQH0swzmVqZ72w8zOPKm/rRE3BMtxJg4zdyn3jIFpUoi3D936XIwvhznPB7LeaNmVWSV+iBQeJHMtibVjV0w6OMIVesmIImMssl29T8IR8A5jbRB930RZzd4AlkZXCzpK+ANrX0kmhSx1SBdwUwM7Kl0LoYu0p3dNovRbE5w1a3KgwEqR/IXm2+KGAfBDvzdOqaobDbnORvR+tInmCp7iAOAj67qwxBR2IGB0U2oH9RcULzZMLtCIwT/iVBwPOeb4s2TNHcrWB3ZeuoZy5hoPsi0jJN4Y8qhO+pTqgQg5hrNA9ZQo3tAcYtmGdfi7/zXLBCSPgVqdOzs5kSMEhNI8vpJxzxwXlYzOR64usUtuXrFfYLP89Nqx5n08cw4/j8o1EBamW2XHIWPLkihzcDYKJoC/9oRZj5a2mCbIbZRjj08cVWd20X6z4K0T3Q26uBYkSp8LWtoN8WMxD5vzvaytJJj08ZxoU+3DGdElPLzB5/LRvs6I+Agss5tdNMKHW+xqsy85vKh1S8MUGD7hab02fNofbxp2frtN8B4Wip49J1BZKKTB4rALLgb7wHAy2FQqLDXXrN/xoMMCNwVBWv0A95vpNNiESJU
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR07MB3860.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(136003)(39860400002)(366004)(396003)(376002)(346002)(19627405001)(83380400001)(66556008)(66946007)(64756008)(33656002)(66446008)(66476007)(38100700002)(7696005)(122000001)(110136005)(8676002)(166002)(76116006)(86362001)(52536014)(53546011)(2906002)(71200400001)(6506007)(5660300002)(4326008)(26005)(186003)(55016002)(15650500001)(966005)(316002)(9686003)(45080400002)(44832011)(8936002)(478600001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: CnD8hMRjrAbXeLjFOCK/TmXmLZISUL3g2C9fB+vQhiR2qSRPvEtZ7E8d1YWi+CCWt0UxsaZl8z0jLvzFFI4JvFCDthBWckZ/v3n2xqLaw3uz7y2isL6QjANk2DUKW8DDALCbGP1T+EpVBp0HfDfCUbeX2r9RcpSBg7HDNtSHAGf5OvSERP7A2oi0WnbD/3H63sXpF+9d1obqKvqJM0uiCevHWkPAuKPyzbGs+5lRFsPaG1lORSumKqKGeG+goZx40A377VZbPAIA2L/pmIRCUmhcW321bMVtr/vzKW119eaZeFbA0o1MdTVFWjWtxaK0b5h9unOtuja0ZDLcQehqTEihNLUNWrfGStVHm5S+TuCvYXcnTK2hoT+N4AvCSzkJw4z6kJax6nyiKWMj4svfMXq2FuKOcKdPhGujL4aSUyn8jmYABT9p6Kk26Ma1uuHhW5xqoL72ojV0Fhw6W6OjYYeFAUzv+oSKYwugvs6+bD+k28HHvtfQHUF15owmvx/ynNbAtcRm/8pYuh2H5N+GfLvPCLqc3RTwoS0Ak3H6GG6NLGw66HmlJqGVX7NK4/R5FX9lb1j195oQFe5X8zOIxkW8iUoeoewWIdIK2DodHQ1gKtwF1mChjLyTLENbslujGa3dSo7FNwZ0uKnZ3fKfhVVCdqmQMc+Mf4qcWGW5yZFg12uMd9jv4fNypqTUXQdrQOSmUUPZYII5DG7g++M8EdzwbuQZRh9mojAqOVKpR7NUW/aqmjj/vixEMlBAVMxKS9CXiw6KCzvumMH+z5C7Ys6Txcr1REc++/BehRYnPi7HrEIY+YZkjxv82W+KAmN8iHy/4J5V/N+qh77yO9+YwZRM1gTX3rX7J6vZ4iO6nMwV3aXCW4UI9eR21MJIKpiTLomOz9nw9QocFY95A6msPzi/X6VwdnWUWg/AzK2+yGK2NOWbcZ5M6O2aFmjzuI/+C80nlBqaLNJrzYtsTOkANR71hD6MkPkTj+9QtgW/l3K7BPgp9HjqbVYesCrFpbCM2ohEp/9bgLjbhcxRgqc5r8DDwAamI2rToLi0N9uqxmgKq//HHf4jum2If7+EjQN61H+lR84N3KGCtOGSzU28YMzo0/VcTDeQnhZc6ZXvSNUernwsbC3W60GCVawE5MEv9JOmdY5Av9A7Moc257r4Nk/dHv1Y0aZG/rLtgVQ/tbgkbQO9bDNFTBq91Sc1F5moYnhtPT0LtMzodi4tknjDVgKBlmFp1SSr/F5QHwlU98yjCMLvP/E+psB5ocdpOqOPavZ3e6om1mZVkSbyfPOsTQ+IEPkPWk2HI9InINbUDw5/qjIXKtf8sGCUmEsNeHwN
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_AM0PR07MB3860EC9A134E1ECFBB1567E093479AM0PR07MB3860eurp_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM0PR07MB3860.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 35c6d72c-2e95-4e13-0454-08d904fd5694
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Apr 2021 19:40:37.3834 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: QUcYcauy0aNuzTqiEIn6tw3cVNFO0ks9Vv1gD4o+1Q1CIEVGZWuZRDvjgW11P3jtrkVxf6uH/FdLDBjw0+aTrUZancqnmrrtSLWZiz47maY=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9PR07MB7154
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/DcXxsu60Y61qdq79aDX3kgFzXRI>
Subject: Re: [stir] Proposal for update of erratum #6519 - ppt syntax
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Apr 2021 19:40:45 -0000

>> I have not been able to follow the discussion in detail, but is there a reason why we simply can's say:
>>
>> ident-type = "ppt" EQUAL token / quoted-string
>>
>> ...and then add text saying that the only token characters are allowed?
>
>I believe that exceptions to ABNF should be kept to the minimal necessary.

My suggestion is a subset of generic-param, which is the generic syntax for the parameters.

>Few implementers read the ABNF, few implementers read normative text.  That means that only the intersection of these two sets will do the right thing.
>
>That's also why we should not deviate from the norm:  We should have used COMMA in Identity, ident-info-uri should have been a field right after signed->identity-digest (similar to name-addr).

Perhaps, but that is not what the issue is about.

Regards,

Christer


>
>
>
> ________________________________
> From: Roman Shpount <roman@telurix.com>
> Sent: Tuesday, April 20, 2021 5:20 PM
> To: Russ Housley <housley@vigilsec.com>
> Cc: Marc Petit-Huguenin <marc@petit-huguenin.org>; Christer Holmberg <christer.holmberg@ericsson.com>; IETF STIR Mail List <stir@ietf.org>
> Subject: Re: [stir] Proposal for update of erratum #6519
>
> Hi Russ,
>
> The complete grammar would be:
>
>        Identity = "Identity" HCOLON signed-identity-digest SEMI
>            ident-info *( SEMI ident-info-params )
>        signed-identity-digest = 1*(base64url-char / ".")
>        ident-info = "info" EQUAL ident-info-uri
>        ident-info-uri = LAQUOT absoluteURI RAQUOT
>        ident-info-params = ident-info-alg / ident-type /
>            ident-info-extension
>        ident-info-alg = "alg" EQUAL token
>        ident-type =  "ppt" EQUAL ( token / ( LDQUOT token RDQUOT ) )
>        ident-info-extension = generic-param
>
> base64url-char = ALPHA / DIGIT / "-" / "_"
>
> In this grammar, SEMI is defined as SEMI = SWS  ";"  SWS. This should take care of the SWS after the token.
> _____________
> Roman Shpount
>
>
> On Tue, Apr 20, 2021 at 9:22 AM Russ Housley <housley@vigilsec.com<mailto:housley@vigilsec.com>> wrote:
>
>
> On Apr 19, 2021, at 9:57 PM, Roman Shpount <roman@telurix.com<mailto:roman@telurix.com>> wrote:
>
> ident-type = "ppt" EQUAL ( token / ( LDQUOT token RDQUOT ) )
>
> Since RDQUOT allows whitespace after the double quote, do we need to allow whitespace after token when there are no quotes?
>
>      ident-type = "ppt" EQUAL ( ( token SWS ) / ( LDQUOT token RDQUOT ) )
>
> Russ
>


--
Marc Petit-Huguenin
Email: marc@petit-huguenin.org
Blog: https://protect2.fireeye.com/v1/url?k=f5436fb7-aad856b2-f5432f2c-86959e472243-d9535674738af26e&q=1&e=7a194cb8-6230-48c3-b23f-d2e231acea1c&u=https%3A%2F%2Fmarc.petit-huguenin.org%2F
Profile: https://www.linkedin.com/in/petithug