Re: Do we now require change control on specifications we use?

[Carsten Bormann <cabo@tzi.org>]

On Dec 04 2007, at 10:25, Paul Hoffman wrote:

> At 9:29 AM -0800 12/4/07, Carsten Bormann wrote:
>> XML is *not* a moving target.
>> ASN.1 was.  Worse, it was in the control of tool vendors who were  
>> living off changes to the "standard" and increasing complexity in  
>> order to sell upgrades and keep a high barrier to market entry.
>
> Oh, please. The "added complexity" that was *needed* to be changed  
> in all the PKIX and S/MIME specs to meet the changes over 20 years  
> of ASN.1 changes are minor and cause no bits-on-the-wire changes.

So you were lucky.
(One could also say the writers of those specs had the right "taste"  
in using only features that survived.)

> Blaming this on ASN.1 "tool vendors" is silly. First, there is  
> basically only one significant tool vendor.

See?  The strategy worked for them.
(And yes, "tool vendors" is a simplification -- "that part of the  
ecosystem that benefits from change more than from stability" is a bit  
long.)

The end result is that there is a dearth of useful ASN.1 tools.  That  
matters.

> More important, however, is that most of the changes have been to  
> add new data formats that the IETF has completely ignored. Those  
> formats (PER, CER, XER, YAER...) were wanted by other SDOs;

There is an interesting push-pull relationship to those desires (as in  
"wanted"), but this is off-topic.

> The changes in ASN.1 have had little or no effect on the IETF.

Because the IETF uncoupled from the "progress" in those cases where it  
mattered.

> We are considering bringing our specs up to date now, and it is  
> quite easy and completely voluntary.

I was not trying to criticize that.  I still think ASN.1 is a textbook  
example for an external dependency gone wrong, at least for some of  
its customers.  And my point stands that having a dependency on an SDO  
that does not care about you does not help.

Gruesse, Carsten