IETF Logo Mail Archive

Re: [apps-discuss] [dane]

Ned Freed <ned.freed@mrochek.com> Wed, 02 May 2012 16:27 UTC

Return-Path: <ned.freed@mrochek.com>
X-Original-To: apps-discuss@ietfa.amsl.com
Delivered-To: apps-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 38D2C21F8637; Wed, 2 May 2012 09:27:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.497
X-Spam-Level:
X-Spam-Status: No, score=-2.497 tagged_above=-999 required=5 tests=[AWL=0.102, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jvxOYpTQCjSo; Wed, 2 May 2012 09:27:52 -0700 (PDT)
Received: from mauve.mrochek.com (mauve.mrochek.com [66.59.230.40]) by ietfa.amsl.com (Postfix) with ESMTP id 6BB4121F85F9; Wed, 2 May 2012 09:27:52 -0700 (PDT)
Received: from dkim-sign.mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01OF03JXNYZK000RFH@mauve.mrochek.com>; Wed, 2 May 2012 09:27:47 -0700 (PDT)
Received: from mauve.mrochek.com by mauve.mrochek.com (PMDF V6.1-1 #35243) id <01OF030DGDDC0006TG@mauve.mrochek.com>; Wed, 2 May 2012 09:27:45 -0700 (PDT)
Message-id: <01OF03JVQP0C0006TG@mauve.mrochek.com>
Date: Wed, 02 May 2012 09:13:44 -0700
From: Ned Freed <ned.freed@mrochek.com>
In-reply-to: "Your message dated Wed, 02 May 2012 15:47:39 +0200 (MEST)" <201205021347.q42Dld6J017934@fs4113.wdf.sap.corp>
MIME-version: 1.0
Content-type: TEXT/PLAIN
References: <01OEZB9OC9VW0006TF@mauve.mrochek.com> <201205021347.q42Dld6J017934@fs4113.wdf.sap.corp>
To: Martin Rex <mrex@sap.com>
Cc: ned.freed@mrochek.com, apps-discuss@ietf.org, dane@ietf.org, paul.hoffman@vpnc.org, iesg@ietf.org, paul@nohats.ca
Subject: Re: [apps-discuss] [dane]
X-BeenThere: apps-discuss@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-Post: <mailto:apps-discuss@ietf.org>
List-Help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 May 2012 16:27:53 -0000

> Ned Freed wrote:
> >
> > > I don't think is there a definite need e.g. for something that
> > > says how to use DANE with XMPP or SMTP to update the TLSA RFC -
> > > that might or might not be needed but we won't know until its
> > > being done.
> >
> > But that's what it currently says is needed.
> >
> > > Nevertheless, how about if it said:
> >
> > > "Note that this document does not cover how to associate
> > > certificates with domain names for application protocols that depend
> > > on SRV, NAPTR, and similar DNS resource records. It is expected that
> > > future documents will cover methods for making those associations.
> > > Those documents may or may not need to update this one."
> >
> > That's essentially the change I suggested making.


> Writing that those apps-protocol-specific documents (defining how to
> use a particular protocol with TLSA/DANE-protocol) might need to update the
> TLSA/DANE-protocol document is misleading (and IMHO should be avoided).

> http://tools.ietf.org/html/rfc2223#section-12

> defines the "Updates:" metadata for RFCs to have a very narrow and purely
> editorial meaning.  "Updates:" is meant to refer to those situations
> where a paragraph or section of a new document **completely** replaces
> the same paragraph or section of a previous RFC.

That section doesn't say or even imply that the change has to be purely
editorial in nature. (The word "editorial" appears nowhere in the section and
neither do the words "paragraph" or "section".)

And even if it did, the facts are that Updates: is routinely used by documents
that make a substantial technical change to a previous document. A particularly
relevant example of this is the EAI specification RFC 6532, which states that
it "Updates: RFC 2045" and the nature of this update is to remove a MUST NOT,
which is just about as substantial a technical change as you can make.

So if there's a bug here (and I don't think there is), the bug is in RFC 2223.
Not in this use of Updates:.

> It is probably much more common to "extend" an existing protocol or
> describe/define additional usage scenarios without changing the original
> specification, simply by using the extensibility of the original protocol.

Sure, but it is also common to make a technical change and call it an update.
You may not like that, but that's how it works.

> Normally, such "expected usage" should not use the editorial
> rfc2223-Updates: metadata.  But the use of the Updates:&Obsoletes:
> meta-data tags in RFCs is not consistent, a number of RFC seem to
> ignore the rfc2223 definitions of what these headers are supposed
> to indicate.

Again, if there's any inconsistency, it's in RFC 2223.

				Ned

v2.23.0 | Report a Bug | By Email