ietf
[Top] [All Lists]

Re: Genart last call review of draft-ietf-core-links-json-07

2017-04-25 18:09:11
Hi Elwyn,

thank you for your review — that is a lot of good input.

Before I start thinking about fixes for the WG to consider, let me comment on a 
few items:

Summary:Not ready for publication.  There a number of issues that need
to be addressed  as discussed below.  In particular whether the
formats could be returned as the web link specification instead of RFC
6990 format in response to a GET /.well-known/core request.

Having thought about the quote stripping/addition issue cited in Adam
Roach's DISCUSS, I would take a slightly different view... see below.

Major issues:

Intentions:
Is it one of the intentions of this draft that a server should be able
to return web link descriptions using JSON or CBOR, specifically in
response to GET /.well-known/core?  

Maybe not as much an intention as a possible direction that should remain open.

This draft defines two media types.  RFC 6690 defined another media type.
From the point of RFC 6690’s registration of /.well-known/core, RFC 6690 was 
the only media type available, so the assumption there is that 
application/link-format is returned.
But if a client sends a CoAP Accept option for one of the two media types 
defined here, that should be returnable, too.
So we probably should say this explicitly (i.e., update RFC 6690 by saying 
this).

Content formats for the new
formats are registered (s3.2) - could a user ask for the alternative
formats by specifying at ct filter with the GET request?  It strikes
me that if one has a constrained server of sufficiently limited
capabilities that it wants to use CBOR then having to encode the RFC
6690 format responses for the web links requests is wasting resources.
Some more thought needs to be given to this as an update to RFC 6690
- If I read correctly, RFC 6690 implicitly requires that a response to
GET /.well-known/core MUST be encoded as described in RFC6690.

That is one way to read it — however, if you apply the Web model and the fact 
that the Accept and Content-Format (integer version of media type + content 
coding) options are central to CoAP, a reading that RFC 6690 just specifies the 
initial media type for the well-known URI it defines becomes more likely.
But, again, we should make this explicit.

Minor issues:
Title:  The document appears only to address the CoRE Web Links format
rather than any other.  Should the title reflect this more precisely,
e.g.,
     Representing CoRE Web Links Format in JSON and CBOR

The RFC editor will force us to expand CoRE.
Probably even simpler:
          Representing
          Constrained RESTful Environments (CoRE) Link Format
          in JSON and CBOR

(The middle line is the title of RFC 6690.)

s1.1: Concerning:
  o  The simplest thing that could possibly work

     *  Do not cater for RFC 5988 complications caused by HTTP
header
        character set issues [RFC2047]

Having ferreted around in RFC 5988 and RFC 2047, I can't see what is
being referred to here.  However, I observe later that the "title*"
attribute (with language specifier) does not appear to be supported
(It is missing from Table 1) - is this what is relevant here? If so it
needs clarification. 

Indeed.

[Aside: I notice that the relevant ABNF in s5 of RFC 5998 is missing
external references to various productions (e.g., ext-value,
quoted-string) that are defined in other documents - in the given
examples RFC 2987, RFC 2616.]

s2.2/s5: This statement:
  The resulting structure can be represented in CDDL
  [I-D.greevenbosch-appsawg-cbor-cddl] as:

requires that the CDDL draft is a normative reference rather than
informative.

Well, this was meant to be interpreted as informative, but maybe that should be 
made more explicit.

[Aside:  Having skimmed the CDDL draft, I am of the opinion that a
good deal more work will be needed to get this ready for publication,
possibly to the extent that the CDDL quoted here becomes invalid. 

I don’t think so, but we would like to hear this opinion in the CBOR WG, where 
CDDL is being worked on.

Given the simplicity of the specification could it be done without the
use of CDDL?] 

The intention was that all the normative information is in English, that’s why 
the CDDL reference is informative.

s2.2: There needs to be some discussion of handling of double quoted
and non-double quoted strings during conversion:
I think it works to require that...
From RFC 6690 to JSON:
- If the parameter value is a double quoted string then it should have
the double quotes stripped, any necessary JSON character encodings
performed and the double quotes repapplied.

That’s not how the spec is written.  The assumption is that you already have a 
JSON or CBOR implementation, so the spec is at the data model level; it is not 
going to tell you how to parse or generate JSON or CBOR.  (Parsing and 
generating does, however, play a role for RFC6690.  Compare the example 
implementation, which is 90 % RFC 6690 implementation…)

- if the parameter value is anything else, then the necessary JSON
character encodings are done and the result enclosed in double
quotes.
[what about % encodings on the RFC 6690 side?]

We are having a lovely discussion about percent-encoding right now in a thread 
over at art@, ietf@, core@.
Let me cite this part from RFC 6690 so you can share the fun:

   In
   order to convert an HTTP Link Header field to this link format, first
   the "Link:" HTTP header is removed, any linear whitespace (LWS) is
   removed, the header value is converted to UTF-8, and any percent-
   encodings are decoded.

(This obviously creates a limitation on RFC 6690; essentially it can’t 
represent URIs with percent-encoded reserved characters.  Whether that 
limitation should mirror over to the JSON/CBOR side is to be discussed in that 
other discussion.)

From RFC 6690 to CBOR:
- If the parameter value is a double quoted string, the double quotes
are stripped and the result used as the CBOR string type value.
- Otherwise, the parameter value is used as the CBOR string value. 
[what about % encodings on the RFC 6690 side?]

(See above)


From JSON to RFC 6690: 
- Remove the double quotes from the JSON string value and do any
necessary decoding and encoding.  Reapply double quotes.  Note that
this may result in values that were originally not enclosed in double
quotes in the RFC 6690 repreentation becoming enclosed in double
quotes. However, [AFAICS] this does not alter the semantics of any of
the predefined parameters.  For example the ABNF productions mean that
ct=40 and ct="40" are equivalent (the second case is needed so that
one can also have ct="40 41 42").  What IS needed is a statement that
this must also apply to any application specific parameters.  

Yes, that was one of the points that Mark’s comments pointed out.

For
example the case in examples 4 and 5 of ..;foo="bar";foo=3;...
transforming to "foo":["bar","3"] and then back to
...;foo="bar";foo="3";.. MUST require that the two RFC 6690
representations are equivalent.

That is essentially an RFC 5988 limitation that RFC 6690 inherits and Mark’s 
RFC5988bis repairs by pretty much stating just this.

From CBOR to RFC 6690: 
[Essentially the same process - decode/encode and apply double quotes.
The discussion of equivalent semantics is equally applicable.]

The conversion from CBOR to JSON or in reverse is similar. 

(Ditto)

s2.3: It is not stated whether a CBOR decoder should accept literal
use of the encodable parameters - i.e., if the encoded CBOR contains [
"href": "/mumble" ] rather than [1 : "mumble£ ] in CDDL format. 

It should not.

   The above specification for JSON could be used as is for the CBOR
   encoding as well.  However, to further reduce message sizes, an extra
   encoding step is performed: "href" and some commonly occurring
   attribute names are encoded as small integers.

The “is”/“are" should be interpreted as MUST do that — maybe again this needs 
to be explicit.

Should a links-cbor decoder required to reject those 13 strings?  Hmm.
Interoperability probably says yes, complexity says no.

Similarly, should the use of the encoded values be mandatory on the
CBOR encoder?

Yes.

s2.3, Table 1:  Is the omission of title* from the list of parameter
names deliberate?  If so the omission justifies a note and rationale. 
Clearly the format of the value for a title* parameter is different
from all the others, which may have something to do with this.

Yes.  I’m forgetting what title* is being used for over in the Big Web, so I’ll 
have to look this up again.


s2.3/s5: eEfereences in Table 1 make RFC 7252 and RFC 7641 normative.

Here, I fully disagree (sorry, pet peeve — we are way too lax with the concept 
of normative references in the IETF).
When specification B uses a string that is mentioned in specification A, 
without needing anything else from specification A, this doesn’t make 
specification A normative for B.
A is normative if you need to read it to implement B; that is not the case here.


Nits/editorial comments: 
s1: s/e.g. /e.g., / (two places)

Thanks, a favorite mistake of this non-native speaker.

s1.1: The term "round-tripping" and the associated text are opaque
jargon that would normally  be applied to message transmission round a
loop rather than format conversion.  

(Actually, for me that is a term of art in format conversion.  But I only have 
worked on format conversions since 1982 :-)
Yes, we need to avoid jargon.

A more explicit formulation would
help naive readers.  Suggest (if I understand what was intended):
OLD:
  o  Canonical mapping

     *  lossless round-tripping with [RFC6690] and between JSON and
        CBOR

     *  but not trying for bit-preserving (DER-style) round-tripping
NEW:
  o  Canonical mapping

     *  supporting inter-conversion in both directions between any
pair 
        of [RFC6690] format and the CBOR and JSON formats defined
here 
        with unaltered and unambiguous semantics

     *  but not attempting to ensure that a sequence of conversions
from 
        one of the formats through one or both of the others and back
to 
        the original would result in an identical representation
(c.f., 
        as might be achieved by different BER transcoders rather than
by all 
        DER transcoders with ASN.1 [X.690]).
ENDS
This needs an informative reference to X.690 ... but I am not sure
that the DER comparison is essential.

(I hope, not.  But thanks for the text suggestion, that will certainly help.)

s2.2:  Suggest:
OLD:
  We straightforwardly map:

  o  the outer collection to an array of links;

  o  each link to a JSON object or CBOR map, mapping attribute names
to
     attribute values.

NEW:
  We straightforwardly map:

  o  the outer collection to an array of parameterized web links;

  o  each parameterized web link to a JSON object or CBOR map,
mapping attribute names to
     attribute values.
ENDS

Hmm, do we need the term “parameterized web link” for what most of us call 
“link”?

s2.2:
OLD:
The resulting structure can be represented in CDDL
  [I-D.greevenbosch-appsawg-cbor-cddl] as:
NEW:
The resulting structure can be represented in CBOR Data Definition
Language (CDDL)
  [I-D.greevenbosch-appsawg-cbor-cddl] as shown in Figure 1.

Yes.

s2.4: Note that the use of ct=40 in RFC 6690 is an anchronism.  The ct
parameter appeared in earlier versions of the draft that led to RFC
6690 but was moved out to be used more generally in CoAP and is
actually defined in RFC 7252 as mentioned in Table 1 here.  Thus use
of ct=40 in the example copied from RFC 6690 really needs an erratum
for 6690 but that is for another day!   

Actually, not quite, as “ct” is deliberately used in RFC 6690 in an example 
only — you wouldn’t look for a normative reference to a document defining “foo” 
if we had used that :-)

Again, thank you for that thoughtful feedback, this will help us significantly 
in making the specification better.

Grüße, Carsten