Re: [stir] Proposal for update of erratum #6519 - ppt syntax

Marc Petit-Huguenin <marc@petit-huguenin.org> Wed, 21 April 2021 18:13 UTC

To: Christer Holmberg <christer.holmberg@ericsson.com>, Roman Shpount <roman@telurix.com>, Russ Housley <housley@vigilsec.com>
Cc: IETF STIR Mail List <stir@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/q2kH4i9l38CpLuoIsk2n1rzQvoA>

On 4/21/21 10:53 AM, Christer Holmberg wrote:
> Hi,
> 
> I have not been able to follow the discussion in detail, but is there a reason why we simply can't say:
> 
> ident-type = "ppt" EQUAL token / quoted-string
> 
> ...and then add text saying that only token characters are allowed?

I believe that exceptions to ABNF should be kept to the minimum necessary. Few implementers read the ABNF, few implementers read normative text. That means that only the intersection of these two sets will do the right thing.

That's also why we should not deviate from the norm: We should have used COMMA in Identity, ident-info-uri should have been a field right after signed-identity-digest (similar to name-addr).

Standards are not driven by the best protocol designers' work, but by the worst implementers' shortcomings.

> 
> Regards,
> 
> Christer
> 
> 
> 
> ________________________________
> From: Roman Shpount <roman@telurix.com>
> Sent: Tuesday, April 20, 2021 5:20 PM
> To: Russ Housley <housley@vigilsec.com>
> Cc: Marc Petit-Huguenin <marc@petit-huguenin.org>; Christer Holmberg <christer.holmberg@ericsson.com>; IETF STIR Mail List <stir@ietf.org>
> Subject: Re: [stir] Proposal for update of erratum #6519
> 
> Hi Russ,
> 
> The complete grammar would be:
> 
>        Identity = "Identity" HCOLON signed-identity-digest SEMI
>            ident-info *( SEMI ident-info-params )
>        signed-identity-digest = 1*(base64url-char / ".")
>        ident-info = "info" EQUAL ident-info-uri
>        ident-info-uri = LAQUOT absoluteURI RAQUOT
>        ident-info-params = ident-info-alg / ident-type /
>            ident-info-extension
>        ident-info-alg = "alg" EQUAL token
>        ident-type =  "ppt" EQUAL ( token / ( LDQUOT token RDQUOT ) )
>        ident-info-extension = generic-param
> 
> base64url-char = ALPHA / DIGIT / "-" / "_"
> 
> In this grammar, SEMI is defined as SEMI = SWS  ";"  SWS. This should take care of the SWS after the token.
> _____________
> Roman Shpount
> 
> 
> On Tue, Apr 20, 2021 at 9:22 AM Russ Housley <housley@vigilsec.com> wrote:
> 
> 
> On Apr 19, 2021, at 9:57 PM, Roman Shpount <roman@telurix.com> wrote:
> 
> ident-type = "ppt" EQUAL ( token / ( LDQUOT token RDQUOT ) )
> 
> Since RDQUOT allows whitespace after the double quote, do we need to allow whitespace after token when there are no quotes?
> 
>      ident-type = "ppt" EQUAL ( ( token SWS ) / ( LDQUOT token RDQUOT ) )
> 
> Russ
> 


-- 
Marc Petit-Huguenin
Email: marc@petit-huguenin.org
Blog: https://marc.petit-huguenin.org
Profile: https://www.linkedin.com/in/petithug
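
The two ppt grammars discussed in this thread, compared as an added example (not part of any message and not code from the authors): a parser built from the ABNF alone accepts values under "token / quoted-string" that the "token / LDQUOT token RDQUOT" rule rejects. Assumptions: SWS is simplified to spaces and tabs without line folding, qdtext is ASCII only, the first rule is read as "ppt" EQUAL ( token / quoted-string ), and all names below are hypothetical.

```python
import re

# RFC 3261 building blocks (simplified where noted).
TOKEN = r"[A-Za-z0-9\-.!%*_+`'~]+"            # token
SWS = r"[ \t]*"                                # assumption: no line folding
EQUAL = SWS + "=" + SWS                        # EQUAL = SWS "=" SWS
QDTEXT = r"[ \t\x21\x23-\x5B\x5D-\x7E]"        # assumption: ASCII only
QUOTED_PAIR = r"\\[\x00-\x09\x0B\x0C\x0E-\x7F]"

# ident-type = "ppt" EQUAL ( token / ( LDQUOT token RDQUOT ) )
STRICT = re.compile(
    rf'(?i:ppt){EQUAL}(?:(?P<tok>{TOKEN})|{SWS}"(?P<qtok>{TOKEN})"{SWS})')

# ident-type = "ppt" EQUAL ( token / quoted-string ), ABNF only,
# without the extra normative text restricting the quoted characters.
LOOSE = re.compile(
    rf'(?i:ppt){EQUAL}(?:(?P<tok>{TOKEN})'
    rf'|{SWS}"(?P<qtok>(?:{QDTEXT}|{QUOTED_PAIR})*)")')


def parse_ppt(param, grammar=STRICT):
    """Return the ppt value of one header parameter, or None on a mismatch.

    The caller has already split the header on SEMI, which consumes the
    whitespace around ";". Quoted values are returned without unescaping.
    """
    m = grammar.fullmatch(param)
    if m is None:
        return None
    tok = m.group("tok")
    return tok if tok is not None else m.group("qtok")


def abnf_only_differential(params):
    """Parameters a LOOSE (ABNF-only) parser accepts but STRICT rejects."""
    return [p for p in params
            if parse_ppt(p, LOOSE) is not None and parse_ppt(p, STRICT) is None]


# Constructed sample parameters, not taken from real traffic.
SAMPLES = ['ppt=shaken', 'ppt="shaken"', 'PPT = "shaken"',
           'ppt="sha ken"', 'ppt=""', r'ppt="sha\"ken"']

if __name__ == "__main__":
    for p in SAMPLES:
        print(f"{p!r:20} strict={parse_ppt(p)!r} loose={parse_ppt(p, LOOSE)!r}")
    print("accepted only by the ABNF-only parser:", abnf_only_differential(SAMPLES))
```
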