Re: [Uri-review] swid and swidpath URI scheme registration request
Ted Hardie <ted.ietf@gmail.com> Fri, 08 October 2021 15:29 UTC
Return-Path: <ted.ietf@gmail.com>
X-Original-To: uri-review@ietfa.amsl.com
Delivered-To: uri-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D322B3A02BB; Fri, 8 Oct 2021 08:29:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eNUoAq5-BEIG; Fri, 8 Oct 2021 08:29:16 -0700 (PDT)
Received: from mail-ot1-x32b.google.com (mail-ot1-x32b.google.com [IPv6:2607:f8b0:4864:20::32b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2FA0B3A00C8; Fri, 8 Oct 2021 08:29:16 -0700 (PDT)
Received: by mail-ot1-x32b.google.com with SMTP id r43-20020a05683044ab00b0054716b40005so12115251otv.4; Fri, 08 Oct 2021 08:29:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=RiwDMkFxpL/WgSXn4EZE6h9VKqOAKawfs7Mt4jiWQmA=; b=nd3SFrCOfH5Glde3TD5n1z2Tdxtbjo9vqBEFwHxhCmwnR1u+/De0IC4jtysuNn26ys 6zMiklNINLQQpvtduSSa2g3zqgbO8l4XzivfnVlNCgvwhyWzaSKblNCzDGaJ73RZKxDz 3IHq1vr77t7F0u2CUfEA/12ZkJGYsdn79XXZS5VkCqyPGPcjJASBxWjUdxCSeWmDGq02 ncuUOsHnG9ambBIUZPTFoqiRzYlBZHpZsGIjUDkOOyIt0EEKz4qRTtIZmcbQ7kFG8h+f TmvUZUHSTh/Cwozdj4gyfj4WR3czw+hkVB0xZrkodwsDKHSmTYwwhKMQCpyBp5J7QnNK xWfg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=RiwDMkFxpL/WgSXn4EZE6h9VKqOAKawfs7Mt4jiWQmA=; b=ShA84db/rxsgeBt1dFRi8qHps7MLwfDqJabGF1T3b4qgzAIf66SWd6ms3zbhX7CLEr sxSmp0OPOecP8pwU68Wx2FGFyurZ8qFH0j3LX1ywiCCtYWSug0Alib/uf9mKzX69MJz+ oU/0xU4EuZVdRqdCn5PitgvkmXaDYNCKQUCUcNK5mUlJAV8pEL3OrC1zmuZ3rVEyzarP PkvEC4kZoIQ5xrcC/qg6Q/lX8GAgH7KPVqu4GeMu9KW+sTSEBbstTR8rIN8Ic0NVD8aG YSWqC1JGaYyTSLiMydex8JneUALuU6h5gmc1YtQzPn6mwJhm/jNSZuEalkt5DMStN3Ic fn2g==
X-Gm-Message-State: AOAM531RxMXIPadGRbBbrGWvnN61VBdU0NSwLZvg2ajXfs+Ba/GBZnOy R93mtZBDPwEmLCB7geiQP/+ftkoKb4WZyloRgxa/9buISZI=
X-Google-Smtp-Source: ABdhPJxJHREh7j0l8u5gee7ohL0z7pTA4z6fzySRllZQ+bJftgT5ND6YbODVsyuJHo3RBtKMOUewloUdDl3aobN1XwE=
X-Received: by 2002:a9d:d84:: with SMTP id 4mr9231247ots.383.1633706955311; Fri, 08 Oct 2021 08:29:15 -0700 (PDT)
MIME-Version: 1.0
References: <MN2PR09MB48411AC3E02F488F11DE8252F0B29@MN2PR09MB4841.namprd09.prod.outlook.com>
In-Reply-To: <MN2PR09MB48411AC3E02F488F11DE8252F0B29@MN2PR09MB4841.namprd09.prod.outlook.com>
From: Ted Hardie <ted.ietf@gmail.com>
Date: Fri, 08 Oct 2021 16:28:49 +0100
Message-ID: <CA+9kkMBxFQdG8=tEbRo_D6YvjLNfjCVJtZVXPUriWnOOoVZusw@mail.gmail.com>
To: "Waltermire, David A. (Fed)" <david.waltermire=40nist.gov@dmarc.ietf.org>
Cc: "iana@iana.org" <iana@iana.org>, "uri-review@ietf.org" <uri-review@ietf.org>, "sacm@ietf.org" <sacm@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000bd0eda05cdd90aad"
Archived-At: <https://mailarchive.ietf.org/arch/msg/uri-review/ENoZqtD_V3RugfPzIi6KjliKBDM>
Subject: Re: [Uri-review] swid and swidpath URI scheme registration request
X-BeenThere: uri-review@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proposed URI Schemes <uri-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uri-review>, <mailto:uri-review-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uri-review/>
List-Post: <mailto:uri-review@ietf.org>
List-Help: <mailto:uri-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uri-review>, <mailto:uri-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Oct 2021 15:29:21 -0000
Hi David,
My apologies, but I think I'm missing part of the scheme definition. In
Section 5.1, I see:
For URIs that use the "swid" scheme, the scheme specific part MUST
consist of a referenced software tag's tag-id. This tag-id MUST be
URI encoded according to [RFC3986] Section 2.1.
The following expression is a valid example:
swid:2df9de35-0aff-4a86-ace6-f7dddd1ade4c
I would have typically expected an ABNF production for the tag-id.
Instead, I see the following:
tag-id (index 0): A 16 byte binary string or textual identifier
uniquely referencing a software component. The tag identifier
MUST be globally unique. If represented as a 16 byte binary
string, the identifier MUST be a valid universally unique
identifier as defined by [RFC4122]. There are no strict
guidelines on how this identifier is structured, but examples
include a 16 byte GUID (e.g. class 4 UUID) [RFC4122], or a text
string appended to a DNS domain name to ensure uniqueness across
organizations.
Given the free-form nature of the text alternative, do I understand
correctly you intend to percent encode any reserved character? Is this
still the case if the DNS domain name is an IDN?
Since the text format subsumes the UUID format, is there a presumption that
the equivalence rules for text are always preferred to the arithmetic
equivalence rules that UUIDs may use?
regards,
Ted Hardie
On Fri, Oct 8, 2021 at 3:18 PM Waltermire, David A. (Fed) <david.waltermire=
40nist.gov@dmarc.ietf.org> wrote:
> This request is for the registrations of the "swid" and "swidpath" schemes
> defined in sections 6.6.1 and 6.6.2 of
> https://datatracker.ietf.org/doc/draft-ietf-sacm-coswid/18/.
>
>
>
> Please let us know if there are any questions or concerns.
>
>
>
> Regards,
>
> Dave Waltermire
>
>
>
>
> _______________________________________________
> Uri-review mailing list
> Uri-review@ietf.org
> https://www.ietf.org/mailman/listinfo/uri-review
>
- [Uri-review] swid and swidpath URI scheme registr… Waltermire, David A. (Fed)
- Re: [Uri-review] swid and swidpath URI scheme reg… Ted Hardie
- Re: [Uri-review] swid and swidpath URI scheme reg… Waltermire, David A. (Fed)
- Re: [Uri-review] swid and swidpath URI scheme reg… Ted Hardie