Re: Request for well-known URI: est

"Max Pritikin (pritikin)" <pritikin@cisco.com> Tue, 16 April 2013 20:21 UTC

From: "Max Pritikin (pritikin)" <pritikin@cisco.com>
To: Barry Leiba <barryleiba@computer.org>
Subject: Re: Request for well-known URI: est
Date: Tue, 16 Apr 2013 20:21:19 +0000
Cc: Sean Turner <turners@ieca.com>, "app-ads@tools.ietf.org" <app-ads@tools.ietf.org>, "<wellknown-uri-review@ietf.org>" <wellknown-uri-review@ietf.org>, "<draft-ietf-pkix-est@tools.ietf.org>" <draft-ietf-pkix-est@tools.ietf.org>

Regarding the case sensitivity issue: I would have expected the registration to be case insensitive but... oh well. I'm comfortable with the suggestion to make everything lowercase.

- max

On Apr 16, 2013, at 10:32 AM, Barry Leiba <barryleiba@computer.org> wrote:

> (Correcting the CC list; please only reply to this one...)
> 
>> I'd like to request a review of registration request for
>> .well-known/est, which is found in
>> https://datatracker.ietf.org/doc/draft-ietf-pkix-est/.
>> 
>> Summary: EST (Enrollment over Secure Transport) is a way for clients to
>> retrieve PKI-related "stuff" from an EST server.  Think posting
>> enrollment requests (i.e., PKCS#10), getting enrollment responses (i.e.,
>> PKCS#7 certs-only), re-enrollment, CA certificates, etc.
>> 
>> 
>> A related question, which I'm hoping you might be able to help with:
>> when specifying the URI bit below our soon-to-be wellknown URI do we
>> need to specify whether they are case sensitive or not?  For example, we
>> have:
>> 
>> /.well-known/est/CACerts
>> 
>> but would that only be the same as the following if we state that it's
>> case insensitive:
>> 
>> /.well-known/est/cacerts
> 
> Well, RFC 5785 says this:
> 
>   Registered names MUST conform to the segment-nz production in
>   [RFC3986].
> 
> And RFC 3986 says this:
> 
>      segment-nz    = 1*pchar
> ...
>      pchar         = unreserved / pct-encoded / sub-delims / ":" / "@"
> 
> This is part of the "path" portion of the URI, which is case-sensitive.
> 
> You would need to register all case combinations that you intend to
> use.  If you register "CACerts", then "cacerts" would not match.  If
> you register "CACerts" *and* "cacerts", then "CACERTS" would not
> match.
> 
> You need to pick one.  It would be a bad idea to register multiple
> similar ones.  I suggest registering the all-lower-case version,
> "cacerts".
> 
> Probably, 5785 should have declared well-known names to be
> case-insensitive, but it didn't.  I suspect that the designated
> experts would not accept registrations for different uses for names
> that differ only in case.
> 
> Barry
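
The matching rules discussed in this thread, as an added example that is not part of the original messages or of the EST draft: a name is checked against the RFC 3986 segment-nz production, compared case-sensitively, and a request that differs from a registered name only in case is reported separately so a server can log it instead of silently returning "not found". The BASE layout and the function names are assumptions made for illustration.

```python
import re

# RFC 3986: segment-nz = 1*pchar
#           pchar = unreserved / pct-encoded / sub-delims / ":" / "@"
_PCHAR = r"(?:[A-Za-z0-9._~-]|%[0-9A-Fa-f]{2}|[!$&'()*+,;=]|[:@])"
_SEGMENT_NZ = re.compile(_PCHAR + "+")

# Assumed layout, taken from the example paths quoted in the thread.
BASE = "/.well-known/est/"


def is_segment_nz(name):
    """True if name is one or more pchar (no '/', no empty string)."""
    return _SEGMENT_NZ.fullmatch(name) is not None


def register(names, name):
    """Add name to the set, refusing invalid names and any name that
    equals an existing one once case is ignored (exact duplicates too)."""
    if not is_segment_nz(name):
        raise ValueError(f"{name!r} is not a valid segment-nz")
    for existing in names:
        if existing.lower() == name.lower():
            raise ValueError(f"{name!r} collides with {existing!r}")
    names.add(name)


def classify(names, path):
    """Compare the first segment under BASE with the registered names.

    Returns ("exact", name) for a case-sensitive match,
    ("case-mismatch", registered_name) when only the case differs,
    and ("none", None) otherwise. The prefix itself is also compared
    case-sensitively, because the whole path component is.
    """
    if not path.startswith(BASE):
        return ("none", None)
    segment = path[len(BASE):].split("/", 1)[0]
    if segment in names:
        return ("exact", segment)
    for existing in names:
        if existing.lower() == segment.lower():
            return ("case-mismatch", existing)
    return ("none", None)
```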