Re: [VCARDDAV] Signed vCards

DataPacRat <datapacrat@gmail.com> Mon, 15 July 2013 17:01 UTC

Return-Path: <datapacrat@gmail.com>
X-Original-To: vcarddav@ietfa.amsl.com
Delivered-To: vcarddav@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 48C3411E811B for <vcarddav@ietfa.amsl.com>; Mon, 15 Jul 2013 10:01:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.53
X-Spam-Level:
X-Spam-Status: No, score=-2.53 tagged_above=-999 required=5 tests=[AWL=0.070, BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a3S3qQVFHyhK for <vcarddav@ietfa.amsl.com>; Mon, 15 Jul 2013 10:01:33 -0700 (PDT)
Received: from mail-wg0-x232.google.com (mail-wg0-x232.google.com [IPv6:2a00:1450:400c:c00::232]) by ietfa.amsl.com (Postfix) with ESMTP id 40A1111E8194 for <vcarddav@ietf.org>; Mon, 15 Jul 2013 10:00:55 -0700 (PDT)
Received: by mail-wg0-f50.google.com with SMTP id k14so10357593wgh.17 for <vcarddav@ietf.org>; Mon, 15 Jul 2013 10:00:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=dvffDAioc0fbkwYQxilpHbCPCaCKsovr7rplySr2dCk=; b=SYw4UBNXplZHXfFU7zqxch26shUQXtHULCEQ5sdLAmSh/ofubHLhFCSvbwKI+Isv+B i/i3B+l0ypuXnfthJNxMyCtMqwxV9scSCPrMu2uUU/b/0au/BBvFVHT+8pfCWLrt6XAB hTxy9Tljofs3c9e4/3SYne1F83POJsQ3cDJei7PHaKAJvOhFRUywXXM1yuCcZi53Ibao mXn8E0g3Vk2he/5SlrjQ1DXHQXvEIEDB6Dl9UB0ABLfEsdAwIjUUahAYgR6ar0CnOmjW ng4i3OPZ0nNBD1NpVrZ6gQM99rjsYNtpC2a+VbhFYUP1p3mfaBsTB/gLK7RtL1c2hWP3 MuPQ==
MIME-Version: 1.0
X-Received: by 10.180.198.10 with SMTP id iy10mr8421362wic.29.1373907651348; Mon, 15 Jul 2013 10:00:51 -0700 (PDT)
Received: by 10.194.243.193 with HTTP; Mon, 15 Jul 2013 10:00:51 -0700 (PDT)
In-Reply-To: <CAB5WduBgpkQO+-4iNDspxR7X7JKeFU3UfjfiPd7qWWr7QRY3ew@mail.gmail.com>
References: <CAB5WduA09GVZ7j2q4e9aM-CYBj27_deKT=VHhVL0+gzG1yRq0A@mail.gmail.com> <CAD6ztsqqQwbN_-yv9+-tHuh8X1MfBRKEqF6ugH=0avHTuKxzWA@mail.gmail.com> <CAB5WduCO7mNPAqgqYWXmceog3wVNox5reUAjsCQRUXRQB0Wftw@mail.gmail.com> <51D18BC4.5030300@cisco.com> <CAB5WduAJSiqEjsw+DUo4Emy-Tw30nTw1WA2MshxJAfHN1sh0WA@mail.gmail.com> <51D1A52C.6000806@viagenie.ca> <CAB5WduDEe+tC21L6AbW0HRzTf5Z6L0oCA+M4X8_p1ERK0rFPtA@mail.gmail.com> <51D570F4.1020204@cisco.com> <CAB5WduC9OQDknwZj5PHQ0t8Y4V1vtpafeJuZXsnhrWKSmDfwFQ@mail.gmail.com> <CAB5WduC-m-TH9a1WrFY6QX8cQ2bJ8EgOD8+swEwpVxM7my42UA@mail.gmail.com> <CAB5WduBgpkQO+-4iNDspxR7X7JKeFU3UfjfiPd7qWWr7QRY3ew@mail.gmail.com>
Date: Mon, 15 Jul 2013 13:00:51 -0400
Message-ID: <CAB5WduCG356V5bHH8-7PYUtF3VqW5VRM-e=N0h7rbAJN51sSuA@mail.gmail.com>
From: DataPacRat <datapacrat@gmail.com>
To: Eliot Lear <lear@cisco.com>
Content-Type: text/plain; charset="ISO-8859-1"
Cc: "vcarddav@ietf.org" <vcarddav@ietf.org>
Subject: Re: [VCARDDAV] Signed vCards
X-BeenThere: vcarddav@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF vcarddav wg mailing list <vcarddav.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/vcarddav>, <mailto:vcarddav-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/vcarddav>
List-Post: <mailto:vcarddav@ietf.org>
List-Help: <mailto:vcarddav-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/vcarddav>, <mailto:vcarddav-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jul 2013 17:01:34 -0000

On Sun, Jul 14, 2013 at 12:28 AM, DataPacRat <datapacrat@gmail.com> wrote:
> After some thought, there does seem to be at least one use case where having
> CONFIDENCE fields for any vCard property may be troublesome: when the
> confidence level is below 50%, and when the software reading the card isn't
> specifically design for vCards.
>
> One of the handiest things about vCards is that no matter which version is
> being used, it's fairly safe for a piece of reader software to simply ignore
> any tags or fields that it doesn't understand. However, a signed vCard
> written to revoke an association with an ID string, such as by using a DATE
> field with a low CONFIDENCE field, could break this; as the card is
> expressing the opposite of a piece of identity, but ignoring the unknown
> fields could lead a piece of software to conclude the opposite.
>
> I'm not sure that it's possible to easily resolve this issue, since dealing
> with such complicated identities is the whole point of my proposal. As a
> first thought - would it help to adjust the version number for signed
> vCards, such as from "4.0" to "4.0s"?

In case anyone's interested, my current working draft reads:

A vCard which is compatible with the signed vCard extensions MAY add
an 's' to the version number.
A vCard which uses any of the signed vCard extensions SHOULD add an
's' to the version number.
A vCard which uses a negative number in the CONFIDENCE property (ie,
has a confidence of under 50%) MUST add an 's' to the version number.




Thank you for your time,
--
DataPacRat
"Then again, I could be wrong."