
Re: CBOR and a tag for "critical"

2013-08-15 15:19:53
Hi Paul,

I am quite sure that I fully understand the semantics of "critical" (probably erroneously), so I'm not the right person to clarify the various meanings of the word. I would appreciate a proposal.

Just for the record, my "critical" means: the reader must be able to process the data item according to its specification, not just syntactically but also semantically, and must fail otherwise. There may still be contained non-critical data items that are NOT understood by the reader.

Sec. 2.4 consistently mentions "tag" in the singular. For example, the first sentence could be "a data item can optionally be preceded by one or more tags" - but it isn't.

Thanks,
        Yaron


On 2013-08-15 22:57, Paul Hoffman wrote:
> On Aug 15, 2013, at 12:26 PM, Yaron Sheffer 
> <yaronf(_dot_)ietf(_at_)gmail(_dot_)com> wrote:
> 
>> - One tag value you may want to consider adding is "critical" in the
>> security sense of the word, i.e., an application is required to fail if
>> it does not understand the value (probably best applied to map keys).
> 
> That's also an interesting idea.  If included, it would be best to add
> this as soon as possible, and ensure that it gets added to the test
> vectors, to avoid problems we've had in the past with inadequate
> implementations of criticality.
> 
>> I agree this needs to go into the base spec ASAP, so that it really is treated 
>> correctly. And it certainly cannot be a later extension, as Paul suggested in 
>> another message.
> 
> You and I have been in IETF security WGs together for over a decade, and we have seen how often implementers 
> have gotten "critical" wrong regardless of the wording in the various specs. They disagree about 
> what it means to "understand" an extension, to "be able to process" an extension, and so 
> on. They are completely sure that people who disagree with them are obviously wrong, even in the face of 
> multiple examples by seasoned programmers.
> 
> Someone joked at the mic in some WG years ago that the critical bit was called 
> that because we should be criticized for how poorly it is understood.
> 
> Instead of thinking "this time I'm sure we'll get everyone to understand this", 
> it might be better to have an extended discussion which possibly ends in multiple tags 
> with varying descriptions.
> 
>> Also note that "critical" can be applied to all sorts of data, including data 
>> items that are already tagged! I think this is not allowed for according to the spec.
> 
> That is incorrect. Please point to the area where you think it says that so we 
> can make it clearer.
> 
> --Paul Hoffman
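Yaron's reading of "critical" (the reader must be able to process the wrapped item per its specification and fail otherwise, while contained non-critical items may go un-understood) turned into a small CBOR decoder, as an added illustration that is not code from the thread or from the CBOR specification. The tag number 65000 is a hypothetical placeholder, KNOWN_TAGS stands for whatever this particular reader understands, and the encoded byte strings used to exercise it are hand-constructed; it also covers Yaron's last point, a critical tag wrapping an item that is already tagged.

```python
"""Minimal CBOR decoder with a hypothetical 'critical' tag (added example, not from the thread)."""
from collections import namedtuple
CRITICAL_TAG = 65000  # placeholder number, NOT a registered CBOR tag
KNOWN_TAGS = {0, 1}   # tags this reader understands (the RFC 7049 date/time tags)
Tagged = namedtuple("Tagged", "tag value")

class CriticalTagError(Exception):
    """A critical item could not be processed according to its specification."""
def _head(buf, pos):
    # Initial byte plus argument -> (major type, argument, next position).
    mt, ai = buf[pos] >> 5, buf[pos] & 0x1F
    if ai < 24:
        return mt, ai, pos + 1
    size = {24: 1, 25: 2, 26: 4, 27: 8}[ai]  # indefinite lengths not supported here
    return mt, int.from_bytes(buf[pos + 1:pos + 1 + size], "big"), pos + 1 + size

def _item(buf, pos, critical=False):
    mt, arg, pos = _head(buf, pos)
    if mt in (0, 1):                                  # unsigned / negative integer
        return (arg if mt == 0 else -1 - arg), pos
    if mt in (2, 3):                                  # byte string / text string
        raw = bytes(buf[pos:pos + arg])
        return (raw if mt == 2 else raw.decode("utf-8")), pos + arg
    if mt == 4:                                       # array; elements are not critical
        items = []
        for _ in range(arg):
            v, pos = _item(buf, pos)
            items.append(v)
        return items, pos
    if mt == 5:                                       # map; keys and values are not critical
        m = {}
        for _ in range(arg):
            k, pos = _item(buf, pos)
            v, pos = _item(buf, pos)
            m[k] = v
        return m, pos
    if mt == 6:                                       # tag
        if arg == CRITICAL_TAG:                       # wrapper: the enclosed item is critical
            return _item(buf, pos, critical=True)
        if critical and arg not in KNOWN_TAGS:        # must-understand violated: fail hard
            raise CriticalTagError(f"cannot process unknown tag {arg} marked critical")
        v, pos = _item(buf, pos)                      # known tag, or unknown but optional
        return Tagged(arg, v), pos
    if mt == 7 and arg in (20, 21, 22):               # false / true / null
        return {20: False, 21: True, 22: None}[arg], pos
    raise ValueError(f"unsupported item: major type {mt}, argument {arg}")

def decode(data):
    """Decode one CBOR data item, enforcing the critical-tag rule."""
    return _item(data, 0)[0]
```

Note how critical(unknown tag) fails while critical([unknown tag, ...]) succeeds: the array itself is processable, and its elements are the "contained non-critical data items" of Yaron's definition.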

