Re: [arch-d] deprecating Postel's principle- considered harmful
Henning Schulzrinne <hgs@cs.columbia.edu> Thu, 09 May 2019 00:38 UTC
Return-Path: <hgs10@columbia.edu>
X-Original-To: architecture-discuss@ietfa.amsl.com
Delivered-To: architecture-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EFDCC12014E for <architecture-discuss@ietfa.amsl.com>; Wed, 8 May 2019 17:38:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2ZHpEtK9_UyX for <architecture-discuss@ietfa.amsl.com>; Wed, 8 May 2019 17:38:34 -0700 (PDT)
Received: from outprodmail02.cc.columbia.edu (outprodmail02.cc.columbia.edu [128.59.72.51]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5C22C1201DE for <architecture-discuss@ietf.org>; Wed, 8 May 2019 17:38:31 -0700 (PDT)
Received: from hazelnut (hazelnut.cc.columbia.edu [128.59.213.250]) by outprodmail02.cc.columbia.edu (8.14.4/8.14.4) with ESMTP id x490ZoQT043287 for <architecture-discuss@ietf.org>; Wed, 8 May 2019 20:38:30 -0400
Received: from hazelnut (localhost.localdomain [127.0.0.1]) by hazelnut (Postfix) with ESMTP id 0D53C80 for <architecture-discuss@ietf.org>; Wed, 8 May 2019 20:38:30 -0400 (EDT)
Received: from sendprodmail01.cc.columbia.edu (sendprodmail01.cc.columbia.edu [128.59.72.13]) by hazelnut (Postfix) with ESMTP id EBD2282 for <architecture-discuss@ietf.org>; Wed, 8 May 2019 20:38:29 -0400 (EDT)
Received: from mail-ot1-f70.google.com (mail-ot1-f70.google.com [209.85.210.70]) by sendprodmail01.cc.columbia.edu (8.14.4/8.14.4) with ESMTP id x490cTNV013961 (version=TLSv1/SSLv3 cipher=AES128-GCM-SHA256 bits=128 verify=NOT) for <architecture-discuss@ietf.org>; Wed, 8 May 2019 20:38:29 -0400
Received: by mail-ot1-f70.google.com with SMTP id 72so278381otv.23 for <architecture-discuss@ietf.org>; Wed, 08 May 2019 17:38:29 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=EGQOZ9gBaoxHWNEPYbsDvC0fFIYRBZ+U2atSA9rRmyE=; b=XZDcr8q0EpDkVTb5dvD7Cay/TQQZiODdmd5XBZsI2xi3oiL3QQ74OnvVGdxB33EdM8 9vlKLmoomQlpvUI/fELk62sNfiwYSH7umv4rRxaQhKDbWVx9okv4vStqAhMVjpq7v132 +pkUwqAbfofyT4hBoVono9oZ3ao4hFlVSR3rHGVduMfMKgqQa5PhHbxCO3KwTWYlj9YS 3fhsVW6zcyo+z06bRT8DjjekdP4gwHPz/XjDwJzBoCgKdrhOc8lO7emJmMMQmgYq2bcT JKcOBThGjiv04tVx5WJY/TwQ/5oTpDrC84fAzkoT1EFX8hk2pDHqpu19+1kspVPoVkRi 1UBw==
X-Gm-Message-State: APjAAAUouWcMJq+ve9y6XjkLJPysR8xhjyQCJ6u9ZOnDae/l7fdvyklj fMKBT/AuxJhFU03zhr8sAXfWouT8Lq9IxGl6XRVDpti+h7QkjnYLdKeK7YqHg7IDdqfmEItfkPn d49noW1ylUO0BWdrHREhIiz8pRRGaWQwsOGxW+AAmPFk8p9hVuQ==
X-Received: by 2002:aca:ec0f:: with SMTP id k15mr395246oih.43.1557362308415; Wed, 08 May 2019 17:38:28 -0700 (PDT)
X-Google-Smtp-Source: APXvYqxQK/7o35yOwVOlyEHhgU6hxGZAadCdUc3BGe5jgO6LZ7q5yMQe0h4NGWdHIZAh06x1fz99wxVgUO1Uk8SQbjk=
X-Received: by 2002:aca:ec0f:: with SMTP id k15mr395229oih.43.1557362307976; Wed, 08 May 2019 17:38:27 -0700 (PDT)
MIME-Version: 1.0
References: <F64C10EAA68C8044B33656FA214632C89F024CD3@MISOUT7MSGUSRDE.ITServices.sbc.com> <CALaySJJDHg5j9Z7+noS=YXoNROqdsbJ6coEECtLtbJ6fWJ3xsQ@mail.gmail.com> <CAA=duU1TxZx9W8huPp5md25Wf+9=f50WYGpU=Bb1OQ+OdF6k6A@mail.gmail.com> <CACgrgBYs95Q4hb=y-6i7SW9mEx9Bg-gp0TrpAYpsP-aODSx+YA@mail.gmail.com> <eb979c24-e9d2-4ebb-1d4b-94b8c9aa16e1@huitema.net> <CACgrgBahawkXbyXoYHbwYSkfCG9zxn6M8jgwswDpcFjfZVcffw@mail.gmail.com> <6095149F-F4BE-400D-BD1E-F25BC60FDA8A@isc.org>
In-Reply-To: <6095149F-F4BE-400D-BD1E-F25BC60FDA8A@isc.org>
From: Henning Schulzrinne <hgs@cs.columbia.edu>
Date: Wed, 08 May 2019 20:38:01 -0400
Message-ID: <CACgrgBa9O07CHOJg7LsxgHX=TNV1i=vmG8-ByS4kMJpbbsXf-w@mail.gmail.com>
To: Mark Andrews <marka@isc.org>
Cc: Christian Huitema <huitema@huitema.net>, "ietf@ietf.org" <ietf@ietf.org>, "architecture-discuss@ietf.org" <architecture-discuss@ietf.org>, "iab@iab.org" <iab@iab.org>, The IESG <iesg@ietf.org>, Barry Leiba <barryleiba@computer.org>
Content-Type: multipart/alternative; boundary="000000000000276870058869ab8d"
X-No-Spam-Score: Local
X-Scanned-By: MIMEDefang 2.84 on 128.59.72.13
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/BOeiWTj9CVFdBjxI8XMhFMpJUoo>
Subject: Re: [arch-d] deprecating Postel's principle- considered harmful
X-BeenThere: architecture-discuss@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: open discussion forum for long/wide-range architectural issues <architecture-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/architecture-discuss/>
List-Post: <mailto:architecture-discuss@ietf.org>
List-Help: <mailto:architecture-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 May 2019 00:38:36 -0000
I'm glad to hear that this works, at least when there are resources available to do all the things you did (test site, coordination, outreach, ...). I think it would be helpful if the draft could point to such examples, and maybe failed examples, of how to get out of the bad-liberalism condition. I suspect that this is workable where the dominant implementations are open source and where the open source developers maintain close ties to the IETF community. Maybe we do need a protocol police in the IETF :-) ("Sir, do you know that you didn't signal properly?") Henning On Tue, May 7, 2019 at 7:52 PM Mark Andrews <marka@isc.org> wrote: > The fix for that is to implement the new feature and get customers to log > bug reports against the other implementation. It does work. Even Fortune > 500 companies listen to their customers. > > Implementations can be fixed and with regular update mechanisms in place > the fixes do get deployed. > > In early 2018 the open source DNS vendors declared a flag day on Feb 1, > 2019. > We where no longer going to treat timeout as “the server doesn’t > understand EDNS”. > I.e. we where intending to deliberately break interoperation with servers > that > where stuck in the last century. We set up a site where you could test > your > servers to see if your servers where broken. We also had that site report > a whole lot of other EDNS protocol violation. You got RED if there was a > fatal fault, ORANGE if any other fault was detected and GREEN if the server > passed the test queries. The number of sites which would get RED was << 1 > in > 10000. > > We advertised this flag day, in a number of places. The testing server got > overwhelmed and DNS vendors with broken servers got thousands of “this > site says your product is broken, when are you going to fix it” complaints. > Implementations got fixed and the fixes got deploy. This included firewall > vendors fixing their default blocking rule. > > https://ednscomp.isc.org/ has lots of graphs which show failures of > various > populations of servers and how things changed in the lead up to Feb 1 and > later fixes being released and deployed. In particular > https://ednscomp.isc.org/compliance/ts/au.optfail.html show Microsoft > fixing > their servers (see the “echoed” line). The Jan 28 was when they fixed > their > Azure service. The drop around April 11 is when fix pushed out in the > March > patch Tuesday release started to take effect. > > The March 1 failure spike was when one of the links from the testing site > started dropping DNS UPD packets but passed DNS TCP packets. It took a > couple of days to track down the bad (wrong style for the conductor) RJ48 > connector that caused that failure. > > > On 8 May 2019, at 8:53 am, Henning Schulzrinne <hgs@cs.columbia.edu> > wrote: > > > > It's kind of the inverse robustness problem - lots of perfectly-well > documented protocol features are not usable in practice since they break > "lazy", but important, implementations. The SIP crowd will remember the > endless discussions about MIME multipart. > > > > In those cases, it would probably be wise to simply declare that a > well-intentioned feature is no longer recommended for new implementations > and possibly look for alternative options. (We seem to get into the > circular arguments of "We need X", "use standard mechanism M to do X", "but > none of the major implementations do M and are unlikely to in the > foreseeable future", "but we cannot have two ways to do X and M is actually > a better idea"; wait two years; repeat. Alternative: people develop a > kludge that kind of works.) > > > > The old, rarely-exercised, promotion-to-Draft-Standard step was supposed > to catch this, but that process protocol path obviously was also rarely > exercised. > > > > Henning > > > > > > And then for a counter example, also related to IPv6. The IPv6 specs > > allows implementations to insert a variety of intermediate headers > > between the IPv6 header and the transport packet, but many router > > implementations just don't like that and slow down or drop packets if > > such intermediate routers are present. A case where the spec is arguably > > too permissive, or the implementations too strict. > > > > -- Christian Huitema > > > > -- > Mark Andrews, ISC > 1 Seymour St., Dundas Valley, NSW 2117, Australia > PHONE: +61 2 9871 4742 INTERNET: marka@isc.org > >
- Re: [arch-d] deprecating Postel's principle- cons… BRUNGARD, DEBORAH A
- Re: [arch-d] deprecating Postel's principle- cons… Barry Leiba
- Re: [arch-d] deprecating Postel's principle- cons… Stephen Farrell
- Re: [arch-d] deprecating Postel's principle- cons… Brian E Carpenter
- Re: [arch-d] deprecating Postel's principle- cons… Andrew G. Malis
- Re: [arch-d] deprecating Postel's principle- cons… Barry Leiba
- Re: [arch-d] deprecating Postel's principle- cons… Warren Kumari
- Re: [arch-d] deprecating Postel's principle- cons… Tony Li
- Re: [arch-d] deprecating Postel's principle- cons… Stephen Farrell
- Re: [arch-d] deprecating Postel's principle- cons… Adam Roach
- Re: [arch-d] deprecating Postel's principle- cons… Salz, Rich
- Re: [arch-d] deprecating Postel's principle- cons… Joel M. Halpern
- Re: [arch-d] deprecating Postel's principle- cons… Adam Roach
- Re: [arch-d] [IAB] deprecating Postel's principle… Christian Huitema
- Re: [arch-d] [IAB] deprecating Postel's principle… Stephen Farrell
- Re: [arch-d] deprecating Postel's principle- cons… Matthew Kerwin
- Re: [arch-d] deprecating Postel's principle- cons… Rich Kulawiec
- Re: [arch-d] deprecating Postel's principle- cons… Henning Schulzrinne
- Re: [arch-d] [IAB] deprecating Postel's principle… Henning Schulzrinne
- Re: [arch-d] deprecating Postel's principle- cons… Christian Huitema
- Re: [arch-d] deprecating Postel's principle- cons… Brian E Carpenter
- Re: [arch-d] deprecating Postel's principle- cons… Henning Schulzrinne
- Re: [arch-d] deprecating Postel's principle- cons… Mark Andrews
- Re: [arch-d] deprecating Postel's principle- cons… Paul Wouters
- Re: [arch-d] [IAB] deprecating Postel's principle… Randy Bush
- Re: [arch-d] deprecating Postel's principle- cons… Joe Touch
- Re: [arch-d] deprecating Postel's principle- cons… Carsten Bormann
- Re: [arch-d] deprecating Postel's principle- cons… Jari Arkko
- Re: [arch-d] deprecating Postel's principle- cons… John C Klensin
- Re: [arch-d] deprecating Postel's principle- cons… Henning Schulzrinne
- Re: [arch-d] deprecating Postel's principle- cons… Phillip Hallam-Baker
- Re: [arch-d] deprecating Postel's principle- cons… Bless, Roland (TM)
- Re: [arch-d] deprecating Postel's principle- cons… Joe Touch
- Re: [arch-d] deprecating Postel's principle- cons… Henry S. Thompson
- Re: [arch-d] deprecating Postel's principle- cons… Henning Schulzrinne
- Re: [arch-d] deprecating Postel's principle- cons… Henning Schulzrinne
- Re: [arch-d] deprecating Postel's principle- cons… S Moonesamy
- Re: [arch-d] deprecating Postel's principle- cons… Eliot Lear
- Re: [arch-d] deprecating Postel's principle- cons… Carsten Bormann
- Re: [arch-d] deprecating Postel's principle- cons… Eliot Lear
- Re: [arch-d] deprecating Postel's principle- cons… Bob Briscoe
- Re: [arch-d] deprecating Postel's principle- cons… Henning Schulzrinne
- Re: [arch-d] deprecating Postel's principle- cons… Henry S. Thompson