Re: [Last-Call] Secdir last call review of draft-ietf-cbor-7049bis-14

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2020-08-10, at 22:24, Yaron Sheffer <yaronf.ietf@xxxxxxxxx> wrote:
> 
> I understand that, but realistically, without a list of (potential) validity checks in the RFC, there will be wide variance in what is documented by decoders – if any. In fact I checked a few implementations just now, and most of them do not document what validity checks they perform. Those that document something are hard to compare. If you make a canonical list, people would have a starting point.

To be fair, you probably checked RFC 7049 implementations, and RFC 7049 didn’t have such a requirement (improving the discussion of validity was one of the major work items in 7049bis, see Appendix G.3).

One point to keep in mind is that, with CBOR, most validity processing happens in the processing of tags, and that is an extension point.  So a list in 7049bis will never be complete.  Even if it only covers base CBOR and the tags registered in 7049/7049bis, a detailed version is likely to be tedious and highly dependent of specific implementation approaches.

Trying to imagine the outcome of this exercise, my visual image right now is a PICS Proforma, so I think I’ll better stop here...

Grüße, Carsten

-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux