[Cbor] Re: EDN redux

Carsten Bormann <cabo@tzi.org> Wed, 07 August 2024 14:49 UTC

Return-Path: <cabo@tzi.org>
X-Original-To: cbor@ietfa.amsl.com
Delivered-To: cbor@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 72476C1516E0 for <cbor@ietfa.amsl.com>; Wed, 7 Aug 2024 07:49:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GLpDbtJFP42G for <cbor@ietfa.amsl.com>; Wed, 7 Aug 2024 07:49:45 -0700 (PDT)
Received: from smtp.zfn.uni-bremen.de (smtp.zfn.uni-bremen.de [IPv6:2001:638:708:32::21]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3AF33C14CE29 for <cbor@ietf.org>; Wed, 7 Aug 2024 07:49:44 -0700 (PDT)
Received: from clients-pool3-0220.vpn.uni-bremen.de (clients-pool3-0220.vpn.uni-bremen.de [134.102.69.220]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.zfn.uni-bremen.de (Postfix) with ESMTPSA id 4WfCkX1kVFzDCf8; Wed, 7 Aug 2024 16:49:40 +0200 (CEST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.7\))
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <CAKoiRuZebuHWhZ1AK6TPZDAdYgvQQBkM7Hdeyi7X=aFfFeQ3PQ@mail.gmail.com>
Date: Wed, 07 Aug 2024 16:49:39 +0200
X-Mao-Original-Outgoing-Id: 744734979.726799-fb8a1dde641d3f4309f0fc763fe65e9d
Content-Transfer-Encoding: quoted-printable
Message-Id: <D7E13419-35FE-4ACC-BBE6-CDBAE83F4570@tzi.org>
References: <7C93E178-2D2A-44E1-96A2-EB55048052DD@tzi.org> <CAKoiRuZebuHWhZ1AK6TPZDAdYgvQQBkM7Hdeyi7X=aFfFeQ3PQ@mail.gmail.com>
To: Rohan Mahy <rohan.mahy@gmail.com>
X-Mailer: Apple Mail (2.3608.120.23.2.7)
Message-ID-Hash: QR5US4WXWLMAQVSN64OOPXZ3GK3FHOFE
X-Message-ID-Hash: QR5US4WXWLMAQVSN64OOPXZ3GK3FHOFE
X-MailFrom: cabo@tzi.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-cbor.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: CBOR <cbor@ietf.org>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Cbor] Re: EDN redux
List-Id: "Concise Binary Object Representation (CBOR)" <cbor.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cbor/I8UP5PYVAbwnkam70t1afibrJRQ>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cbor>
List-Help: <mailto:cbor-request@ietf.org?subject=help>
List-Owner: <mailto:cbor-owner@ietf.org>
List-Post: <mailto:cbor@ietf.org>
List-Subscribe: <mailto:cbor-join@ietf.org>
List-Unsubscribe: <mailto:cbor-leave@ietf.org>

On 2024-08-07, at 15:41, Rohan Mahy <rohan.mahy@gmail.com> wrote:
> 
> The analogy with JSON is critically flawed because the JSON format is used "on the wire" as is, while EDN app-strings need to be converted to a specific format (often bstrs) in CBOR, each with their own grammar.

I don’t see how that is a flaw of the analogy — this observation is even more of a motivation to keep up the separation (think: tag 999).

> All other substantive applications of ABNF at IETF use a single pass definition of the grammar.

This look at the past may have been true up to October 2017 (publication date of RFC 8288); I didn’t analyze all use of ABNF in the IETF.
But, looking more closely, that is just an artifact of defining layers of a grammar in such a way that you don’t immediately see that they are layers.

> Using the ABNF in another way goes against 40+ years of precedent.

There is no “use of ABNF in another way”.  There is a use of ABNF according to the layering of the protocol.  Just as you wouldn’t cram SDP ABNF into a single layer SIP ABNF.

> It is just weird and will trip up other implementers.

I don’t agree with this prediction.

> The examples given where someone wanted to include an ABNF in an app-string from an earlier specification which is broken or inconsistent, clearly signal to me that spec writers need to take the time to fix those problems by writing a clean ABNF rather than write new specs that import garbage productions wrapped with extra layers of encoding and processing. 

I was in the room when Julian Reschke explained the rationale for cleaning up RFC 5988 to become RFC 8288, echoing all the concerns we had found independently when doing RFC 6690.  Not everybody had this kind of background.  Indeed, many people did not immediately understand why the separation of layers makes sense.  But in the end, the benefits of proper layering prevailed.

> Overall this two-pass concept has been optimized to make life harder for implementers

It sure makes *my* implementations simpler, so I can’t follow.

> and easier for people who want to specify new app-strings.

That is indeed one benefit (not just easier, but likely more correct).

> We should not be writing IETF specifications with that property.

HTTP has decided to go for structured fields [1] as its layering on top of the text-based (HTTP/1.1) and binary (H2, H3) serializations.
(For backwards compatibility reasons, they had to come up with something specific to HTTP, and they are experiencing problems in using ABNF as is.  In EDN, we so far don’t.)

[1]: RFC 8941, with the replacement draft-ietf-httpbis-sfbis in the RFC-editor queue

More generally speaking, these days we are writing specifications while considering that extension points should be easy to employ (both when writing the specifications and when writing the implementations).

I’m having a hard time understanding why CBOR EDN, which isn’t even meant as an interchange format, triggers this hardline “we must do it like we did 20 years ago” [for one understanding of what that may have been] response.

As a way forward, we could simply remove the ABNF — it is available in the WG draft for implementers that want to base their work on ABNF.  That would be counterproductive, but might allow us to move forward in this inexplicable situation.  I would prefer a solution with less damage, though.

Grüße, Carsten