Re: [Suit] Mechanism to start with CBOR, leaving C-Struct for future extension (2 bytes cost - magic 0x82 0xF6 and 0x82 0x82)
Martin Pagel <Martin.Pagel@microsoft.com> Fri, 09 November 2018 01:49 UTC
Return-Path: <Martin.Pagel@microsoft.com>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 18ACA1252B7 for <suit@ietfa.amsl.com>; Thu, 8 Nov 2018 17:49:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.47
X-Spam-Level:
X-Spam-Status: No, score=-2.47 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.47, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QLz7e_AXTMb3 for <suit@ietfa.amsl.com>; Thu, 8 Nov 2018 17:49:35 -0800 (PST)
Received: from NAM04-CO1-obe.outbound.protection.outlook.com (mail-co1nam04on0724.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe4d::724]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1DEBE124D68 for <suit@ietf.org>; Thu, 8 Nov 2018 17:49:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=HWvSa8uqNxBL5mdhfHmt00H7eCwFa3RJtLlA4ltC3/0=; b=HH0S6TMJv25GJSmNgxFZdx2ojJgGg7FrubTZ2HwDqPhFnElNIsr6MMlC8mdPW4pgPsSe82PXSlClC6D3z3PWCmXVezVGiIWWeKO8MocvqM5wPGbfKb1gxRDleOiH+6+5/WNmZBXbleILBvi9U5T68uyIoephgxxZTjuQWpzB6aY=
Received: from DM5PR21MB0698.namprd21.prod.outlook.com (10.175.112.13) by DM5PR21MB0124.namprd21.prod.outlook.com (10.173.173.11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1339.10; Fri, 9 Nov 2018 01:49:33 +0000
Received: from DM5PR21MB0698.namprd21.prod.outlook.com ([fe80::a98a:d82e:2d5a:220f]) by DM5PR21MB0698.namprd21.prod.outlook.com ([fe80::a98a:d82e:2d5a:220f%16]) with mapi id 15.20.1339.009; Fri, 9 Nov 2018 01:49:33 +0000
From: Martin Pagel <Martin.Pagel@microsoft.com>
To: Alexander Pelov <a@ackl.io>, Carsten Bormann <cabo@tzi.org>
CC: "suit@ietf.org" <suit@ietf.org>
Thread-Topic: [Suit] Mechanism to start with CBOR, leaving C-Struct for future extension (2 bytes cost - magic 0x82 0xF6 and 0x82 0x82)
Thread-Index: AQHUd1k3wsPRWH2LdUupC1tPIVqw/6VFzyCAgAAFOQCAANaegA==
Date: Fri, 09 Nov 2018 01:49:33 +0000
Message-ID: <DM5PR21MB06989F1336B739EDEB10F4159DC60@DM5PR21MB0698.namprd21.prod.outlook.com>
References: <26E3BA1D-96D0-40D1-B54F-950B0B056587@ackl.io> <2EBD49CD-60DC-4D19-9157-19EAECB4103A@tzi.org> <CACQW0Ep+s7g7tkubVCjgdTVN20nX4ts7V1eUEy_RXc_zcLwD6g@mail.gmail.com>
In-Reply-To: <CACQW0Ep+s7g7tkubVCjgdTVN20nX4ts7V1eUEy_RXc_zcLwD6g@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=True; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Owner=mapagel@microsoft.com; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2018-11-09T01:49:26.3173006Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=General; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Application=Microsoft Azure Information Protection; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Extended_MSFT_Method=Automatic; Sensitivity=General
x-originating-ip: [166.255.203.150]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; DM5PR21MB0124; 6:l0wqs+3Jtm+q0F7ePhzOM9gB4rRwI5cckRJvRXaAOUwW+/6yKwRDzazREmckT/9kzNTD6zAGcDGwJecZ+ZW81oYjCexjsjV0A0GoYZ/cc6hs8oXwpmibnWrjMPoYKj1CGsOO8wZbJveJeYHcaES1hDswqU81zxNwWjPogJ2mK2sOf4zBvj9tFRyu53P5C/MNkDTgttBOvDQB01jlP0loOTlSYLD/TQQAk8ntRy0JfRGUQXyRECaU2PPYUqRxdpjhQ0uVeDwsTE5hNKV5ojp7Z7eRfw4UZ/soaeEhoO/z23QXWl4T0KAigtJn+lLGYOKgZlUBaDFeWR3RpH7Ydt+wrEOE0XLCB4wYfx7FmOVHB2t2SswKEsSF+xsaiXoFyfsWZwbu2VixUypI1Vp4nFM4xYvB/EgOHYMSsuoQly1qANrP64mxpzt3GtuaQ8q47JK+uhsyOsw/fX0HX9u83A0AsA==; 5:bgN/Hid4vuCWGjc4KgSYxlWUaJx5FbthB0WJo9RceBj2Pfide5bBx4Tjz0CmMIK1hxrErxu9sP7kkY4EXyz6IXtSFUN+XShWSA6RbAn1Hm8+ZpTueEngu+9WhGnldgn9SEuCB2o13rKFBr2DMn36buSmYwVmExIsD7wZGjbFFlU=; 7:2Jauf1scQTXr0y2sKOhnwn3c2GcD3b8Jkkdhg/RSqd3x9qUVaHG8JYRhitS+dFZ1i431eSQmEYT6IMDRXV9xyRjKIKgrFlTqyjwLI0fl3zDbjJbXxzRVWHFF9zsXcYMWrHsfA8mKYbporvRBqxjN9Q==
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 468d53cf-f659-402b-e4e7-08d645e598de
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600074)(711020)(4618075)(2017052603328)(7193020); SRVR:DM5PR21MB0124;
x-ms-traffictypediagnostic: DM5PR21MB0124:
x-ms-exchange-purlcount: 2
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Martin.Pagel@microsoft.com;
x-microsoft-antispam-prvs: <DM5PR21MB0124054C4FD047E2D15C23D29DC60@DM5PR21MB0124.namprd21.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(8220035)(2401047)(8121501046)(5005006)(93006095)(93001095)(3002001)(10201501046)(3231390)(944501410)(2018427008)(6055026)(148016)(149066)(150057)(6041310)(20161123562045)(20161123560045)(20161123558120)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123564045)(201708071742011)(7699051)(76991095); SRVR:DM5PR21MB0124; BCL:0; PCL:0; RULEID:; SRVR:DM5PR21MB0124;
x-forefront-prvs: 08512C5403
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39860400002)(346002)(366004)(396003)(376002)(136003)(189003)(199004)(33656002)(53546011)(7736002)(81156014)(8676002)(81166006)(478600001)(72206003)(10290500003)(97736004)(6246003)(14454004)(8936002)(106356001)(74316002)(10090500001)(5660300001)(11346002)(8990500004)(105586002)(14444005)(256004)(66066001)(486006)(71200400001)(476003)(76176011)(2900100001)(186003)(6436002)(54896002)(6306002)(86362001)(9686003)(7696005)(68736007)(55016002)(6506007)(236005)(3846002)(110136005)(102836004)(26005)(99286004)(22452003)(53936002)(2906002)(229853002)(316002)(25786009)(446003)(4326008)(6116002)(86612001)(71190400001)(790700001)(781001); DIR:OUT; SFP:1102; SCL:1; SRVR:DM5PR21MB0124; H:DM5PR21MB0698.namprd21.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: q+tKF9L65e2+DPot1/rfzFEJb7Vzb6Wqs5aCyvQQPabA4UslYPl1M+noFFdJfH9FF3y3X+TByTgD9pR/MGRYWF80KHj47g8yb9v9RD12vIn9ePqqI70dq4QxCRBspW84MI3JR4KAT6N1XX2yaxDaqr6oQy9yZdzGLV7pfiHkS59a7Pvsrl+5tLnygcB1wAx+3whImaq7wufs3SakMlQh3oHtPTCPsQqOOxbMYbGOYkJTjj5o+7i+/fpkLmi3Bmy06URrlQNlq+4c3V1JsC1ltc1C0TkaoyJS6brxjGbt/0Ik3fgmTHqa0cRUKIQbLCsXvKHeJonK1LRrYR1aVjfIFKblwAWUg3eA9/SNFSKmd0Y=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_DM5PR21MB06989F1336B739EDEB10F4159DC60DM5PR21MB0698namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 468d53cf-f659-402b-e4e7-08d645e598de
X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Nov 2018 01:49:33.3114 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR21MB0124
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/hlxbCiNQq_oF8t-o1gHO94GvgX8>
Subject: Re: [Suit] Mechanism to start with CBOR, leaving C-Struct for future extension (2 bytes cost - magic 0x82 0xF6 and 0x82 0x82)
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Nov 2018 01:49:38 -0000
Alex, Very clever idea! I like the “magic bytes” to distinguish between the formats… But the increased size kind of defeats the purpose to have a simple tight format which can be easily loaded and interpreted in memory. I think the manifest format decision should be left to the platform vendor who also develops the update agent (status tracker or communicator). The Update Server will need to know anyway what options a particular platform requires as certain platforms will require specific image types, signature formats, instructions etc. We talked about the fact that every platform won’t support all options. Then the server might as well also generate CBOR or Binary manifest formats and not both. Martin From: Suit <suit-bounces@ietf.org> On Behalf Of Alexander Pelov Sent: Thursday, November 8, 2018 4:50 AM To: Carsten Bormann <cabo@tzi.org> Cc: suit@ietf.org Subject: Re: [Suit] Mechanism to start with CBOR, leaving C-Struct for future extension (2 bytes cost - magic 0x82 0xF6 and 0x82 0x82) Hi Carsten , On Thu, Nov 8, 2018, 7:31 PM Carsten Bormann <cabo@tzi.org<mailto:cabo@tzi.org> wrote: On Nov 8, 2018, at 18:50, Alexander Pelov <a@ackl.io<mailto:a@ackl.io>> wrote: > > 0x82 0x82 0xVV 0xC2 0x9A 0xXX 0xX1 0xX2 0xX3 0xX4 OTHER-ENCODING-BYTES 0xXZ 0xXZ .... I can’t quite parse this (bignum tag on array of lots of elements?).. Yep, the idea is to have a fixed number of bytes that allows for a non-cbor parser to skip to their payload , while in the same time keeping it a valid cbor construct. This, a SUIT manifest can be parsed by anyone, even if only to understand "that's not for me" It is important that the binary blob that contains the non-cbor manifest is in a fixed (and big enough) cbor container. That avoids the need for the binary parser to parse any cbor. Essentially, the algorithm is: Read first two bytes, if 0x82 0x82 then : Read third byte, if equal to my format version : Skip 7 bytes Load binary manifest (must have length indicator) Skip padding Of course a bespoke binary header can be carried within CBOR (preferably as a byte string, without needing to mask it as a bignum), and the addition or stripping of an “envelope” like 0x82 0x2A (for a 10-byte binary string) does not require a lot of lines of code. (See Section 3.2 of draft-ietf-core-multipart-ct for an example how this can be used the other way around, with non-fixed values/lengths.) The problem here really is that the bespoke byte string loses the extensibility inherent in CBOR. (We may not care about the additional safety, for code that will be highly robustness tested as well.) That may be OK for some applications, in which case I’d say go ahead… The real CBOR representation of the structure follows in the second array element, after all, and the users of the bespoke binary representation simply don’t get to see the extensions. But in general this is mostly a diversion distracting from getting the information model right… Completely agree on both points. What I wanted to point out is that there is a way to ensure extensibility and thus not block on binary formats . Just focus on CBOR (+the semantics and all that). Worst case scenario, that's a 2 byte overhead on all SUIT manifests. Alex Grüße, Carsten
- [Suit] Mechanism to start with CBOR, leaving C-St… Alexander Pelov
- Re: [Suit] Mechanism to start with CBOR, leaving … Carsten Bormann
- Re: [Suit] Mechanism to start with CBOR, leaving … Michael Richardson
- Re: [Suit] Mechanism to start with CBOR, leaving … Alexander Pelov
- Re: [Suit] Mechanism to start with CBOR, leaving … Martin Pagel