PS created issue https://github.com/anima-wg/constrained-voucher/issues/143 to add the COSE 'content type' header parameter requirement to the draft. (Authors still need to discuss it)
-----Original Message----- From: Carsten Bormann <c...@tzi.org> Sent: Thursday, July 22, 2021 10:39 To: Esko Dijk <esko.d...@iotconsultancy.nl> Cc: draft-ietf-anima-constrained-vouc...@ietf.org; Toerless Eckert <t...@cs.fau.de>; anima@ietf.org Subject: Re: [Anima] draft-ietf-anima-constrained-voucher COSE confusion On 2021-07-22, at 10:23, Esko Dijk <esko.d...@iotconsultancy.nl> wrote: > > be liberal in what it accepts Well, Postel’s principle doesn’t apply to wanton extension of the protocol (~ somebody might decide to do something different from the standard, so I’ll implement my idea of what that could be). If it says you need to have X, allowing Y just to get clients to rely on that and make life harder for other server implementations is also known as a common standards-busting strategy… (Not accusing you of this, just trying to explain my strong reaction.) [1]: https://datatracker.ietf.org/doc/draft-iab-protocol-maintenance/ The reason I was bringing up the benefits of identifying the payload as a voucher is that it would serve to fulfill number one of the Abadi-Needham principles: context-free messages ("Explicit communication" [2]). Grüße, Carsten [2] M. Abadi and R. Needham. Prudent Engineering Practice for Cryptographic Protocols. In 1994 IEEE Computer Society Symposium on Research in Security and Privacy, pages 122–136. IEEE Computer Society, May 1994. DOI 10.1109/RISP.1994.296587. Principle 1 Every message should say what it means: the interpretation of the message should depend only on its content. It should be possible to write down a straightforward English sentence describing the content-though if there is a suitable formalism available that is good too. [Note that “describing” here is semantic, a CDDL description is good too, but just structural.] _______________________________________________ Anima mailing list Anima@ietf.org https://www.ietf.org/mailman/listinfo/anima
