IETF Logo Mail Archive

Re: [arch-d] deprecating Postel's principle- considered harmful

Eliot Lear <lear@cisco.com> Thu, 09 May 2019 11:48 UTC

Return-Path: <lear@cisco.com>
X-Original-To: architecture-discuss@ietfa.amsl.com
Delivered-To: architecture-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B718B12003E; Thu, 9 May 2019 04:48:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.51
X-Spam-Level:
X-Spam-Status: No, score=-14.51 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZFaY4qmOtGCa; Thu, 9 May 2019 04:48:39 -0700 (PDT)
Received: from aer-iport-4.cisco.com (aer-iport-4.cisco.com [173.38.203.54]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 93AA3120096; Thu, 9 May 2019 04:48:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=8102; q=dns/txt; s=iport; t=1557402516; x=1558612116; h=from:message-id:mime-version:subject:date:in-reply-to:cc: to:references; bh=zmEWeYgtB/8kK9kZ8QxToF1a31k/u2hvngGqRVvLtmI=; b=aOLc48uhT4N4pjNWXN359LV60fBj5J5ALxokqxN1a+7eiOJovYnEvcW0 SmzkqZI5eWq1Y4HvSvL/NFmXMRSWXNhjZdyYRmvawwC6YtCF1S9cOVbtS 39CTk/S66ryq8gtpdIPVfLHtkWIP1z5XylLMOP58Vm+otVRCPBPfvACMm U=;
X-Files: signature.asc : 195
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0ADAADmEtRc/xbLJq1kGQEBAQEBAQEBAQEBAQcBAQEBAQGBUQQBAQEBAQsBgnlSIBIohBGIHF+MI5JYhXsUgWcCBwEBAQkDAQEjDAEBgUuCdQKCKzQJDgEDAQEEAQECAQRtHAyFSgEBAQMBI0kBDAULCw4KFRUCAlcGCgmDIgGBew8PrRmBL4UzFIRcCgaBMgGBTooWgX+BOB+CFzU+gmECA4EZIxlIgksygiYEi0mHSZQwCYILggaBAoMVjDUblVeDcI8CimxFgngCBAYFAhWBTziBVjMaCBsVZQGCQT5YiXyFQT0DMI1HFYIuAQE
X-IronPort-AV: E=Sophos;i="5.60,449,1549929600"; d="asc'?scan'208,217";a="11917275"
Received: from aer-iport-nat.cisco.com (HELO aer-core-4.cisco.com) ([173.38.203.22]) by aer-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 09 May 2019 11:48:31 +0000
Received: from ams3-vpn-dhcp4430.cisco.com (ams3-vpn-dhcp4430.cisco.com [10.61.81.77]) by aer-core-4.cisco.com (8.15.2/8.15.2) with ESMTPS id x49BmUIq029699 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 9 May 2019 11:48:31 GMT
From: Eliot Lear <lear@cisco.com>
Message-Id: <342DB33C-7FF7-4CCF-BF1D-6CBCA77ECCCE@cisco.com>
Content-Type: multipart/signed; boundary="Apple-Mail=_BCE27A16-A4E0-4F45-ADA9-CCD18D99F580"; protocol="application/pgp-signature"; micalg="pgp-sha1"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.8\))
Date: Thu, 09 May 2019 13:48:30 +0200
In-Reply-To: <161AB266-8DFE-49BF-8045-412A3844C9EF@tzi.org>
Cc: The IESG <iesg@ietf.org>, "architecture-discuss@ietf.org" <architecture-discuss@ietf.org>, "iab@iab.org" <iab@iab.org>, "ietf@ietf.org" <ietf@ietf.org>
To: Carsten Bormann <cabo@tzi.org>
References: <F64C10EAA68C8044B33656FA214632C89F024CD3@MISOUT7MSGUSRDE.ITServices.sbc.com> <CALaySJJDHg5j9Z7+noS=YXoNROqdsbJ6coEECtLtbJ6fWJ3xsQ@mail.gmail.com> <DBD4837F-299B-497C-8922-AFF858B06C0F@strayalpha.com> <EDB037CE-F16A-4392-B36C-F44E30F29753@tzi.org> <E7769BC3-472E-4161-85C9-E534C9E393EC@cisco.com> <161AB266-8DFE-49BF-8045-412A3844C9EF@tzi.org>
X-Mailer: Apple Mail (2.3445.104.8)
X-Outbound-SMTP-Client: 10.61.81.77, ams3-vpn-dhcp4430.cisco.com
X-Outbound-Node: aer-core-4.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/architecture-discuss/IvH_0v8iCLWJ2_Ogy9v2vLJgsu8>
Subject: Re: [arch-d] deprecating Postel's principle- considered harmful
X-BeenThere: architecture-discuss@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: open discussion forum for long/wide-range architectural issues <architecture-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/architecture-discuss/>
List-Post: <mailto:architecture-discuss@ietf.org>
List-Help: <mailto:architecture-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/architecture-discuss>, <mailto:architecture-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 May 2019 11:48:41 -0000


> On 9 May 2019, at 13:02, Carsten Bormann <cabo@tzi.org> wrote:
> 
> On May 9, 2019, at 11:34, Eliot Lear <lear@cisco.com> wrote:
>> 
>> technical deficit
> 
> I think we were discussing Technical Debt.
> 
> https://en.wikipedia.org/wiki/Technical_debt <https://en.wikipedia.org/wiki/Technical_debt>

Yes.  I understood.

> 
> The term is widely used to describe code bases in software development that, through lack of oversight, have acquired properties that make them hard to move forward (or even fix).
> It doesn’t quite transfer to protocols, because here it is often different parties that incur the debt and that ultimately have to pay it up.


As you point out it is those who use the protocols who really incur the debt.  Anyone can have a bad – or immature – idea.  HTTP was loaded with them, and my point is that it is at least in part because we were learning. and let’s recall that HTTP and HTML were really evolutions on existing work, themselves.  RFC 5218 points out that this was wild success.  We saw more than our fair share of adoption failures because people took the other road that John Klensin described.  A great many times (our RFC directory is littered with all sorts of attempts).  Again, I find the term emotional.

On the other hand, if we are going to think in accounting terms, I would argue that from an economics standpoint, there its a credit associated with rapid development that we have accrued, and that we must continue to accrue under the assumptions we operate today, which is that of economic productivity associated with technology advances.  No matter how you evaluate cybersecurity losses, they come nowhere near the productivity gains that we account for as part of GDP in advanced economies.  Sooooo….  Technical debt can be economically good!


> A protocol that has turned into soup has acquired technical debt.
> It is very hard to pay back that debt: that requires coordinated effort throughout the ecosystem.  It occasionally can be done, but these are the hero stories of our time.

The worst case I know of is SMTP, and the reason it is the worst case is that its purpose is to enable non-prearranged communications, which lends themselves to any kook with associated malware getting into your mailbox.  So long as that requirement holds, we cannot entirely supplant that protocol, although casual communications have gradually moved elsewhere.  This, despite what I would consider very strong coordination within the ecosystem.  Is there a measurable debt?  Sure.  Let’s call it harm caused by spam and phishing, but that is based not on sloppy or lazy design or even on maturity (thus far), but rather on market desire.

Eliot

v2.23.0 | Report a Bug | By Email