Re: [Uri-review] PKCS#11 URI registration request review

Jan Pechanec <jan.pechanec@oracle.com> Thu, 21 February 2013 05:49 UTC

Return-Path: <jan.pechanec@oracle.com>
X-Original-To: uri-review@ietfa.amsl.com
Delivered-To: uri-review@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EA61921F8DC4 for <uri-review@ietfa.amsl.com>; Wed, 20 Feb 2013 21:49:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.741
X-Spam-Level:
X-Spam-Status: No, score=-6.741 tagged_above=-999 required=5 tests=[AWL=-0.143, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, UNPARSEABLE_RELAY=0.001]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KN+g4dQUngLX for <uri-review@ietfa.amsl.com>; Wed, 20 Feb 2013 21:49:39 -0800 (PST)
Received: from aserp1040.oracle.com (aserp1040.oracle.com [141.146.126.69]) by ietfa.amsl.com (Postfix) with ESMTP id AE7AB21F8DC1 for <uri-review@ietf.org>; Wed, 20 Feb 2013 21:49:39 -0800 (PST)
Received: from acsinet22.oracle.com (acsinet22.oracle.com [141.146.126.238]) by aserp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id r1L5nc95008732 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 21 Feb 2013 05:49:38 GMT
Received: from acsmt358.oracle.com (acsmt358.oracle.com [141.146.40.158]) by acsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r1L5nbAk010821 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 21 Feb 2013 05:49:38 GMT
Received: from abhmt112.oracle.com (abhmt112.oracle.com [141.146.116.64]) by acsmt358.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id r1L5nbWX013405; Wed, 20 Feb 2013 23:49:37 -0600
Received: from rejewski.us.oracle.com (/10.132.148.23) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 20 Feb 2013 21:49:37 -0800
Date: Wed, 20 Feb 2013 21:50:51 -0800 (PST)
From: Jan Pechanec <jan.pechanec@oracle.com>
X-X-Sender: jpechane@rejewski
To: Ted Hardie <ted.ietf@gmail.com>
In-Reply-To: <CA+9kkMC1YqRHjHVw8C23T_FjvykQbFEPXnXgBczEe9J18Uw9Bg@mail.gmail.com>
Message-ID: <alpine.GSO.2.00.1302202135500.122859@rejewski>
References: <alpine.GSO.2.00.1301261430001.28908@rejewski> <alpine.GSO.2.00.1302081722560.7401@rejewski> <CA+9kkMB2W9zZBuWvZmPE0aNf6NX_fbG6Fzx0R71QDQB9YNPamA@mail.gmail.com> <alpine.GSO.2.00.1302122349180.14210@rejewski> <CA+9kkMADpWzDk5gnRLoq6+_pHwJSjyOUsOgpJa9D6t73_45eyw@mail.gmail.com> <alpine.GSO.2.00.1302132246380.16175@rejewski> <CA+9kkMC1YqRHjHVw8C23T_FjvykQbFEPXnXgBczEe9J18Uw9Bg@mail.gmail.com>
User-Agent: Alpine 2.00 (GSO 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Source-IP: acsinet22.oracle.com [141.146.126.238]
Cc: Darren.Moffat@oracle.com, uri-review@ietf.org
Subject: Re: [Uri-review] PKCS#11 URI registration request review
X-BeenThere: uri-review@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Proposed URI Schemes <uri-review.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uri-review>, <mailto:uri-review-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/uri-review>
List-Post: <mailto:uri-review@ietf.org>
List-Help: <mailto:uri-review-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uri-review>, <mailto:uri-review-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Feb 2013 05:49:42 -0000

On Tue, 19 Feb 2013, Ted Hardie wrote:

>>         my intention above was that if I specify how to compare URIs
>> then it also specifies how to compare values, too. I understand that's
>> probably not the best way to do it. On the other hand, we don't know how
>> PKCS#11 URI might be used so it may be worth to specify that.
>
>I think the safest thing to do is to specify a conservative comparison at the
>URI registration level (like bit-for-bit equality) but note that
>applications consuming
>them will likely use different comparison algorithms once the values have
>been pulled from the URI for use.
>
>Just a personal opinion, though; I'm not sure that there is a single
>right answer here.

	hi Ted, I think that in this case the simple string comparison 
would probably not work great since multiple attributes will be commonly 
used in URI instances and different ordering would result in many false 
negatives.

	I've just replied to Larry's email and I included a suggested 
new section which provides a set of quite strict rules as an alternative 
to the simple comparison. I understand that applications may always use 
different algorithms so I'm convinced now that giving easy to follow 
rules may decrease the number of ad-hoc algorithms that would be 
otherwise used.

	thanks a lot for the feedback, Jan

>regards,
>
>Ted
>
>>         I'm not sure what would be the best here. I could just take the
>> explanation of how library-version value should be read and move it out
>> of the Example section, or I could put together a small section on URI
>> comparison, explicitly stating how to do that (as in RFC 5870 on geo
>> URI, for example).
>>
>>         would you suggest me to write a section on comparision of URIs
>> when we don't expect people to do it?
>>
>>         regards, Jan.
>>
>> --
>> Jan Pechanec <jan.pechanec@oracle.com>;
>

-- 
Jan Pechanec <jan.pechanec@oracle.com>;