Re: [stir] Proposal for update of erratum #6519

Marc Petit-Huguenin <marc@petit-huguenin.org> Mon, 19 April 2021 19:25 UTC

To: Russ Housley <housley@vigilsec.com>
Cc: Christer Holmberg <christer.holmberg@ericsson.com>, IETF STIR Mail List <stir@ietf.org>
From: Marc Petit-Huguenin <marc@petit-huguenin.org>
Date: Mon, 19 Apr 2021 12:25:45 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/Nn0QNSyPVx2batvAcY-TjmDslm0>

On 4/19/21 11:36 AM, Russ Housley wrote:
>>
>> On 4/19/21 9:48 AM, Christer Holmberg wrote:
>>> Hi,
>>> A few comments:
>>> Q1: Instead of talking about "being tolerant", we say that an implementation MUST accept values with or without quotes.
>>
>> That would place "with" or "without" quote on equal status, which they do not have.
>>
>>> ---
>>> Q2: Regarding the following statement:
>>> "Note also that the new syntax does not allow for spaces immediately before or immediately after the token when quoted."
>>> That is wrong. The syntax DOES allow it.
>>
>> No, it does not.  Let's expand it:
>>
>> ident-type = "ppt" EQUAL (token / ( SWS DQUOTE token DQUOTE SWS ))
> 
> SWS allows CRLF.  Is that allowed in a claim?  

No, but that's why I said 'a quoted value whose unquoted part is equivalent to the token in the "ppt" parameter'.  All these are the same claim ('\' used to wrap)

ppt=test
ppt=TeST
ppt="test"
ppt="TeST"
ppt = test
ppt = "test"
ppt \
   = \
     "teSt"

These are different claims than above:

ppt=" test"
ppt="test "
ppt="test
ppt=test"
ppt = "\
   test"
ppt = "test\
  "

> If so, I thought that LDQUOT is defined as SWS DQUOTE, and RDQUOT is defined as DQUOTE SWS.
> 
> If we are going to take this approach, we need to allow white space before EQUAL, and we also need it for the unquoted token.

EQUAL is SWS "=" SWS, so no need.

> 
> Russ
> 


-- 
Marc Petit-Huguenin
Email: marc@petit-huguenin.org
Blog: https://marc.petit-huguenin.org
Profile: https://www.linkedin.com/in/petithug
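
The comparison discussed in the message above, as an added Python example that is not part of the original post: it matches a parameter against the expanded ident-type rule, using the SWS/LWS and token definitions from RFC 3261, with real CRLF folding where the message writes '\'. The name ppt_claim is hypothetical, lower-casing the token follows the message's listing of test and TeST as the same claim, and the sample strings are constructed from the two lists in the message.

```python
import re

# RFC 3261 section 25.1: LWS = [*WSP CRLF] 1*WSP ; SWS = [LWS]
SWS = r"(?:(?:[ \t]*\r\n)?[ \t]+)?"
# RFC 3261 token: alphanum plus - . ! % * _ + ` ' ~
TOKEN = r"[A-Za-z0-9.!%*_+`'~-]+"
# EQUAL = SWS "=" SWS, as stated in the message
EQUAL = SWS + "=" + SWS

# ident-type = "ppt" EQUAL (token / ( SWS DQUOTE token DQUOTE SWS ))
IDENT_TYPE = re.compile(
    "ppt" + EQUAL
    + "(?:(?P<bare>" + TOKEN + ")"
    + "|" + SWS + '"(?P<quoted>' + TOKEN + ')"' + SWS + ")",
    re.IGNORECASE,  # ABNF string literals such as "ppt" are case-insensitive
)

def ppt_claim(param):
    """Return the normalized token, or None if param does not match the rule."""
    m = IDENT_TYPE.fullmatch(param)
    if m is None:
        return None
    # Assumption of this example: tokens are compared case-insensitively.
    return (m.group("bare") or m.group("quoted")).lower()

# Constructed from the first list in the message (all the same claim).
SAME = [
    'ppt=test', 'ppt=TeST', 'ppt="test"', 'ppt="TeST"',
    'ppt = test', 'ppt = "test"',
    'ppt \r\n   = \r\n     "teSt"',      # folded around EQUAL
]
# Constructed from the second list (whitespace or folding inside the
# quotes, or unbalanced quotes): none matches the expanded rule.
DIFFERENT = [
    'ppt=" test"', 'ppt="test "', 'ppt="test', 'ppt=test"',
    'ppt = "\r\n   test"', 'ppt = "test\r\n  "',
]

def classify(params):
    """Map each raw parameter string to its normalized claim (or None)."""
    return [ppt_claim(p) for p in params]

if __name__ == "__main__":
    for p in SAME + DIFFERENT:
        print(repr(p), "->", ppt_claim(p))
```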