IETF Logo Mail Archive

Re: [apps-discuss] [dane]

Martin Rex <mrex@sap.com> Wed, 02 May 2012 17:50 UTC

Return-Path: <mrex@sap.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1391D21F85C9; Wed, 2 May 2012 10:50:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.128
X-Spam-Level:
X-Spam-Status: No, score=-10.128 tagged_above=-999 required=5 tests=[AWL=0.121, BAYES_00=-2.599, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yEyxtuCE54gK; Wed, 2 May 2012 10:50:54 -0700 (PDT)
Received: from smtpde01.sap-ag.de (smtpde01.sap-ag.de [155.56.68.170]) by ietfa.amsl.com (Postfix) with ESMTP id 384C721F85C6; Wed, 2 May 2012 10:50:53 -0700 (PDT)
Received: from mail.sap.corp by smtpde01.sap-ag.de (26) with ESMTP id q42Hoq01001031 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Wed, 2 May 2012 19:50:52 +0200 (MEST)
From: Martin Rex <mrex@sap.com>
Message-Id: <201205021750.q42HopRD001898@fs4113.wdf.sap.corp>
To: ned.freed@mrochek.com
Date: Wed, 02 May 2012 19:50:51 +0200
In-Reply-To: <01OF03JVQP0C0006TG@mauve.mrochek.com> from "Ned Freed" at May 2, 12 09:13:44 am
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-SAP: out
Cc: mrex@sap.com, ned.freed@mrochek.com, apps-discuss@ietf.org, dane@ietf.org, paul.hoffman@vpnc.org, iesg@ietf.org, paul@nohats.ca
Subject: Re: [apps-discuss] [dane]
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: mrex@sap.com
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 May 2012 17:50:55 -0000

Ned Freed wrote:
> 
> > Ned Freed wrote:
> > >
> > > > I don't think is there a definite need e.g. for something that
> > > > says how to use DANE with XMPP or SMTP to update the TLSA RFC -
> > > > that might or might not be needed but we won't know until its
> > > > being done.
> > >
> > > But that's what it currently says is needed.
> > >
> > > > Nevertheless, how about if it said:
> > >
> > > > "Note that this document does not cover how to associate
> > > > certificates with domain names for application protocols that depend
> > > > on SRV, NAPTR, and similar DNS resource records. It is expected that
> > > > future documents will cover methods for making those associations.
> > > > Those documents may or may not need to update this one."
> > >
> > > That's essentially the change I suggested making.
> 
> 
> > Writing that those apps-protocol-specific documents (defining how to
> > use a particular protocol with TLSA/DANE-protocol) might need to update the
> > TLSA/DANE-protocol document is misleading (and IMHO should be avoided).
> 
> > http://tools.ietf.org/html/rfc2223#section-12
> 
> > defines the "Updates:" metadata for RFCs to have a very narrow and purely
> > editorial meaning.  "Updates:" is meant to refer to those situations
> > where a paragraph or section of a new document **completely** replaces
> > the same paragraph or section of a previous RFC.
> 
> That section doesn't say or even imply that the change has to be purely
> editorial in nature. (The word "editorial" appears nowhere in the section and
> neither do the words "paragraph" or "section".)


The rfc2223 document title is "Instruction to RFC Authors".  The Updates:
header has a purely editorial meaning for the *new* document, but the
result can certainly be very technical for the *old* document!

Updates: should only be used if the change is supposed to apply not only
to implementations of the *new* document, but that all new implementors of
the *old* (=updated) document should ignore certain parts of the old
document and use the new document instead.  But in order for this to
work,
  - a section in the new document is *REQUIRED* which list exactly
    which pieces of the *old* (=updated) document are completely
    replaced by which pieces of the new document
  - retaining full interop with old implementations based on only
    the full spec, and clear distinction of features that were
    added or dropped in the updated parts.


> 
> > It is probably much more common to "extend" an existing protocol or
> > describe/define additional usage scenarios without changing the original
> > specification, simply by using the extensibility of the original protocol.
> 
> Sure, but it is also common to make a technical change and call it an update.
> You may not like that, but that's how it works.

That is not necessarily a contradiction.

But there is a certain mess in the meta-data of published RFCs.
Publishing a change to specification will not magically change
the behaviour of an installed base, therefore "changes" need to
account for the reality of life.


-Martin

v2.23.0 | Report a Bug | By Email