[Suit] SUIT manifest: suit-parameter-uri ... reference?
"Christian M. Amsüss" <firstname.lastname@example.org> Tue, 23 February 2021 16:07 UTC
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 02FCC3A2F43; Tue, 23 Feb 2021 08:07:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([184.108.40.206]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TPrLlPPtjdfm; Tue, 23 Feb 2021 08:07:32 -0800 (PST)
Received: from prometheus.amsuess.com (prometheus.amsuess.com [220.127.116.11]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E69393A2E21; Tue, 23 Feb 2021 08:07:21 -0800 (PST)
Received: from poseidon-mailhub.amsuess.com (095129206250.cust.akis.net [18.104.22.168]) by prometheus.amsuess.com (Postfix) with ESMTPS id D910F4008A; Tue, 23 Feb 2021 17:07:18 +0100 (CET)
Received: from poseidon-mailbox.amsuess.com (poseidon-mailbox.amsuess.com [IPv6:2a02:b18:c13b:8010:a800:ff:fede:b1bf]) by poseidon-mailhub.amsuess.com (Postfix) with ESMTP id DE6D6D3; Tue, 23 Feb 2021 17:07:17 +0100 (CET)
Received: from hephaistos.amsuess.com (unknown [IPv6:2a02:b18:c13b:8010:78bb:a8d7:5a94:4f02]) by poseidon-mailbox.amsuess.com (Postfix) with ESMTPSA id AFDB014E; Tue, 23 Feb 2021 17:07:17 +0100 (CET)
Received: (nullmailer pid 1255411 invoked by uid 1000); Tue, 23 Feb 2021 16:07:17 -0000
Date: Tue, 23 Feb 2021 17:07:17 +0100
From: Christian =?iso-8859-1?B?TS4gQW1z/HNz?= <email@example.com>
To: firstname.lastname@example.org, email@example.com
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="D7aOAXAE83AfPQNs"
Subject: [Suit] SUIT manifest: suit-parameter-uri ... reference?
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:firstname.lastname@example.org?subject=unsubscribe>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:email@example.com?subject=subscribe>
X-List-Received-Date: Tue, 23 Feb 2021 16:07:41 -0000
Hello SUIT authors, toying with the RIOT implementation of SUIT I was surprised it required the suit-parameter-uri that points from the manifest to the firmware to not support relative references, even though in their deployment the device obtains the manifest from the web. The current wording in suit-manifest is ambiguous to me: On the one hand it says "a URI" (and not "a URI reference"), on the other hand it compares it to Tag 32 (which is somewhat misleadingly named "URI" but described to match URI-reference), and makes rules about fragment-only references. Some clarification (saying "A URI reference from which" could suffice) would help here. If this is more than an editorial oversight (that is, if neither-full-nor-fragment references have not been considered), I hope that relative references stay allowed, as they are useful during ad-hoc network situations. Best regards Christian -- To use raw power is to make yourself infinitely vulnerable to greater powers. -- Bene Gesserit axiom
- [Suit] SUIT manifest: suit-parameter-uri ... refe… Christian M. Amsüss