Network Working Group J. Richter Internet-Draft pdv Financial Software GmbH Intended status: Informational C. Bormann Expires: August 3, 2019 Universitaet Bremen TZI January 30, 2019 Concise Binary Object Representation (CBOR) Tag for Error Indications draft-richter-cbor-error-tag-01 Abstract The Concise Binary Object Representation (CBOR, RFC 7049) is a data format whose design goals include the possibility of extremely small code size, fairly small message size, and extensibility without the need for version negotiation. In CBOR, one point of extensibility is the definition of CBOR tags. While CBOR defines representations for null values and for an undefined value, there is no convention for expressing errors or exceptions in data structures, where the actual value desired could not be calculated due to an error. The present specification defines a tag for such error indications, enabling the addition of varying levels of detail. Note to Readers Please discuss this draft on the mailing list cbor@ietf.org - subscribe at https://www.ietf.org/mailman/listinfo/cbor to follow the discussions. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on August 3, 2019. Richter & Bormann Expires August 3, 2019 [Page 1] Internet-Draft CBOR Tag for Error Indications January 2019 Copyright Notice Copyright (c) 2019 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Error Format . . . . . . . . . . . . . . . . . . . . . . . . 3 3. CDDL typenames . . . . . . . . . . . . . . . . . . . . . . . 5 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 5. Security Considerations . . . . . . . . . . . . . . . . . . . 5 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 6 6.1. Normative References . . . . . . . . . . . . . . . . . . 6 6.2. Informative References . . . . . . . . . . . . . . . . . 6 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 6 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 6 1. Introduction The Concise Binary Object Representation (CBOR, [RFC7049]) provides for the interchange of structured data without a requirement for a pre-agreed schema. RFC 7049 defines a basic set of data types, as well as a tagging mechanism that enables extending the set of data types supported via an IANA registry. In CBOR, one point of extensibility is the definition of CBOR tags. While CBOR defines representations for null values and for an undefine value, there is no convention for expressing errors or exceptions in data structures. The present specification defines a tag for such error indications, enabling varying levels of detail. Richter & Bormann Expires August 3, 2019 [Page 2] Internet-Draft CBOR Tag for Error Indications January 2019 2. Error Format An error value is indicated by CBOR tag TBD101, which tags a data item that may contain additional information about the error value: o If no further information is provided, the data item is the CBOR value null. o If a diagnostic text string is provided, the data item is that text string. o If more detailed information is provided, the data item is a map (CBOR major type 5), with text string or integer keys and values as defined by the application. This specification does not further define what keys and values should be used in a map that is used as the tagged item for this tag. However, to maximize interoperability, the following keys and values are suggested for use whenever they are appropriate for an application (the keys are text strings, suggested value types are indicated in the table with CDDL names): +---------+--------------------------------------------------+------+ | key | value | type | +---------+--------------------------------------------------+------+ | name | a formal name for the kind of error amenable to | text | | | program processing, maybe a class name or a URI | | | code | a number assigned for the kind of error, e.g. an | int | | | HTTP-style error code such as 404 | | | message | human-readable description; what would be in the | text | | | diagnostic text string if only that were | | | | provided | | | file | indicating location of error in program: file | text | | | name | | | line | indicating location of error in program: line | uint | | | number | | | column | indicating location of error in program: column | uint | | | number | | +---------+--------------------------------------------------+------+ Note that these suggestions have been somewhat inspired by the JavaScript "Error" object (Section 19.5 of [ECMA262])), except that two-word forms of keys have been shortened to single words. There is no intention that the details of the JavaScript "Error" object are normative for the present specification. More generally, there is no intention to limit the use of the Tag defined here to those applications that would employ the JavaScript "Error" object. Richter & Bormann Expires August 3, 2019 [Page 3] Internet-Draft CBOR Tag for Error Indications January 2019 (Discussion: changing lineNumber into line sounds like a good idea. Changing fileName into file is suboptimal, but reallu the problem is that neither says "source file". I was thinking about using "source" in place of "file".) Richter & Bormann Expires August 3, 2019 [Page 4] Internet-Draft CBOR Tag for Error Indications January 2019 3. CDDL typenames For the use with the CBOR Data Definition Language, CDDL [I-D.ietf-cbor-cddl], the type names defined in Figure 1 are recommended: error = error-of<(null / text / {* (int/text) => any})> error-of = #6.101(T) Figure 1: Recommended type names for CDDL 4. IANA Considerations In the registry [IANA.cbor-tags], IANA is requested to allocate the tag in Table 1 from the FCFS space, with the present document as the specification reference. +--------+-----------------+----------------------------+ | Tag | Data Item | Semantics | +--------+-----------------+----------------------------+ | TBD101 | null, text, map | [RFCthis] error indication | +--------+-----------------+----------------------------+ Table 1: Values for Tags 5. Security Considerations The security considerations of RFC 7049 apply. Error/diagnostic information provided by a system can disclose internals of that to an attacker; care should be taken with the tag introduced here that its use does not facilitate attacks in this way. Richter & Bormann Expires August 3, 2019 [Page 5] Internet-Draft CBOR Tag for Error Indications January 2019 6. References 6.1. Normative References [I-D.ietf-cbor-cddl] Birkholz, H., Vigano, C., and C. Bormann, "Concise data definition language (CDDL): a notational convention to express CBOR and JSON data structures", draft-ietf-cbor- cddl-06 (work in progress), November 2018. [IANA.cbor-tags] IANA, "Concise Binary Object Representation (CBOR) Tags", . [RFC7049] Bormann, C. and P. Hoffman, "Concise Binary Object Representation (CBOR)", RFC 7049, DOI 10.17487/RFC7049, October 2013, . 6.2. Informative References [ECMA262] Ecma International, "ECMAScript 2018 Language Specification", ECMA Standard ECMA-262, 9th Edition, June 2018, . Acknowledgements Authors' Addresses Joerg Richter pdv Financial Software GmbH Dorotheenstr. 64 Hamburg D-22301 Germany Email: joerg.richter@pdv-fs.de Carsten Bormann Universitaet Bremen TZI Postfach 330440 Bremen D-28359 Germany Phone: +49-421-218-63921 Email: cabo@tzi.org Richter & Bormann Expires August 3, 2019 [Page 6]