none
[MS-WUSP] GetAuthorizationCookie clientID restrictions? RRS feed

  • Question

  • Hi,

    I'm investigating MS-WUSP (using the PDF of v20100711), and have a question about the clientID element within GetAuthorizationCookie (see Section 2.2.2.1.1 "GetAuthorizationCookie"). The specification says:

    "clientID: A globally unique string that the client SHOULD generate at the time of installation to identify itself. This element MUST be present"

    From the example in section 4, I'm guessing it is meant to be some kind of GUID. However that doesn't seem to be required by the normative parts of the specification, and I'm seeing SOAP faults if my clientID has a space (or underscore) in it, and those faults do not occur with the same code with clientID that consists only of upper/lower case text and dash characters.

    From Section 3.1.5.3, clientID  "MUST be a non-NULL string." However this doesn't seem to match what the Microsoft implementation actually checks for. Instead, there appears to be a some additional validation requirements for a clientID to be valid.

    Can you please advise on what the requirements for a clientID to be valid are?

    Thanks

    Brad

    Monday, August 2, 2010 11:11 PM

Answers

  • Brad,

     

    After investigation, we confirm that your observation is correct regarding the clientID parameter usage in MS-WUSP 2.2.2.1.1 "GetAuthorizationCookie". A future release of the document will clarify the requirements for a clientID. Note that the changes also affect the Sid parameter used in the ReportEventBatch method.

    In the proposed MS-WUSP update, Section 1.1 Glossary defines a new term ClientIdString. The remaining changes to the document refer to this definition (see details below).

    ClientIdString: a globally unique string that identifies a client machine to the update server.  It is between 1 and 255 characters in length and contains only the letters a-z, the digits 0-9, or the hyphen.

     

    Current MS-WUSP

    ------------------------

     

    2.2.2.1.1   GetAuthorizationCookie

    clientID: A globally unique string that the client SHOULD generate at the time of installation to identify itself. This element MUST be present.

    2.2.2.3.1   ReportEventBatch

    Sid: A globally unique string that MUST match the string used as the clientId parameter to GetAuthorizationCookie (section 2.2.2.1.1).

    3.1.5.3   GetAuthorizationCookie

    Request Validation:

    Parameter

    Validation Conditions

    Error Code

    clientID

    MUST be a non-NULL string.

    InvalidParameters or InternalServerError<13>

    dnsName

    MUST be a non-NULL string consistent with DNS naming requirements.

    InvalidParameters or InternalServerError<14>

    3.2.1   Abstract Data Model

    Properties Table: Persistently stored properties used by the client. There is exactly one entry, which MUST include the following element.

    § ClientID: A globally unique string that the client generates to uniquely identify itself to the server.

    3.2.3   Initialization

    On its first initialization, each client MUST assign itself a globally unique ClientID string. The resulting ClientID string MUST be stored in a persistent storage location for use in subsequent protocol operations. The algorithm used by the client to create the ClientID is implementation-specific.<30>

     

    MS-WUSP update similar to the following

    ------------------------------------------------------

     

    1.1   Glossary

    The following terms are specific to this document:

    ClientIdString: a globally unique string that identifies a client machine to the update server.  It is between 1 and 255 characters in length and contains only the letters a-z, the digits 0-9, or the hyphen.

    2.2.2.1.1   GetAuthorizationCookie

    clientID: A ClientIdString that the client SHOULD generate at the time of installation to identify itself. This element MUST be present.

    2.2.2.3.1   ReportEventBatch

    Sid: A ClientIdString that MUST match the string used as the clientId parameter to GetAuthorizationCookie (section 2.2.2.1.1).

    3.1.5.3   GetAuthorizationCookie

    Request Validation:

    Parameter

    Validation Conditions

    Error Code

    clientID

    MUST be a non-NULL ClientIdString.

    InvalidParameters or InternalServerError<13>

    dnsName

    MUST be a non-NULL string consistent with DNS naming requirements.

    InvalidParameters or InternalServerError<14>

    3.2.1   Abstract Data Model

    Properties Table: Persistently stored properties used by the client. There is exactly one entry, which MUST include the following element.

    § ClientID: A ClientIdString that the client generates to uniquely identify itself to the server.

    3.2.3   Initialization

    On its first initialization, each client MUST assign itself a ClientIdString. The resulting value MUST be stored as the ClientID property in a persistent storage location for use in subsequent protocol operations. The algorithm used by the client to create the ClientID is implementation-specific.<30>

     

    Best regards,

    Edgar

    Friday, August 13, 2010 4:58 PM
    Moderator

All replies

  • Hi, Brad,

     

    A member of the Protocols team will research this for you and reply soon, as well as your follow-up at http://social.msdn.microsoft.com/Forums/en-US/os_windowsprotocols/thread/fe266049-8a08-44cd-bfa9-5fd4f3eacec9?prof=required

     

     


    Bryan S. Burgin Senior Escalation Engineer Microsoft Protocol Open Specifications Team
    Tuesday, August 3, 2010 5:01 AM
    Moderator
  • Brad,

    I have taken ownership of this issue and will update you as soon as I have news.

    Regards,

    Edgar

    Tuesday, August 3, 2010 8:52 PM
    Moderator
  • Brad,

     

    After investigation, we confirm that your observation is correct regarding the clientID parameter usage in MS-WUSP 2.2.2.1.1 "GetAuthorizationCookie". A future release of the document will clarify the requirements for a clientID. Note that the changes also affect the Sid parameter used in the ReportEventBatch method.

    In the proposed MS-WUSP update, Section 1.1 Glossary defines a new term ClientIdString. The remaining changes to the document refer to this definition (see details below).

    ClientIdString: a globally unique string that identifies a client machine to the update server.  It is between 1 and 255 characters in length and contains only the letters a-z, the digits 0-9, or the hyphen.

     

    Current MS-WUSP

    ------------------------

     

    2.2.2.1.1   GetAuthorizationCookie

    clientID: A globally unique string that the client SHOULD generate at the time of installation to identify itself. This element MUST be present.

    2.2.2.3.1   ReportEventBatch

    Sid: A globally unique string that MUST match the string used as the clientId parameter to GetAuthorizationCookie (section 2.2.2.1.1).

    3.1.5.3   GetAuthorizationCookie

    Request Validation:

    Parameter

    Validation Conditions

    Error Code

    clientID

    MUST be a non-NULL string.

    InvalidParameters or InternalServerError<13>

    dnsName

    MUST be a non-NULL string consistent with DNS naming requirements.

    InvalidParameters or InternalServerError<14>

    3.2.1   Abstract Data Model

    Properties Table: Persistently stored properties used by the client. There is exactly one entry, which MUST include the following element.

    § ClientID: A globally unique string that the client generates to uniquely identify itself to the server.

    3.2.3   Initialization

    On its first initialization, each client MUST assign itself a globally unique ClientID string. The resulting ClientID string MUST be stored in a persistent storage location for use in subsequent protocol operations. The algorithm used by the client to create the ClientID is implementation-specific.<30>

     

    MS-WUSP update similar to the following

    ------------------------------------------------------

     

    1.1   Glossary

    The following terms are specific to this document:

    ClientIdString: a globally unique string that identifies a client machine to the update server.  It is between 1 and 255 characters in length and contains only the letters a-z, the digits 0-9, or the hyphen.

    2.2.2.1.1   GetAuthorizationCookie

    clientID: A ClientIdString that the client SHOULD generate at the time of installation to identify itself. This element MUST be present.

    2.2.2.3.1   ReportEventBatch

    Sid: A ClientIdString that MUST match the string used as the clientId parameter to GetAuthorizationCookie (section 2.2.2.1.1).

    3.1.5.3   GetAuthorizationCookie

    Request Validation:

    Parameter

    Validation Conditions

    Error Code

    clientID

    MUST be a non-NULL ClientIdString.

    InvalidParameters or InternalServerError<13>

    dnsName

    MUST be a non-NULL string consistent with DNS naming requirements.

    InvalidParameters or InternalServerError<14>

    3.2.1   Abstract Data Model

    Properties Table: Persistently stored properties used by the client. There is exactly one entry, which MUST include the following element.

    § ClientID: A ClientIdString that the client generates to uniquely identify itself to the server.

    3.2.3   Initialization

    On its first initialization, each client MUST assign itself a ClientIdString. The resulting value MUST be stored as the ClientID property in a persistent storage location for use in subsequent protocol operations. The algorithm used by the client to create the ClientID is implementation-specific.<30>

     

    Best regards,

    Edgar

    Friday, August 13, 2010 4:58 PM
    Moderator
  • Edgar,


    Thanks for the comprehensive follow-up. Much appreciated.

    Brad

    Friday, August 13, 2010 11:56 PM