Re: [Edm] Tracking (and distinguishing) formal analysis
Lucas Pardue <lucaspardue.24.7@gmail.com> Wed, 15 March 2023 13:13 UTC
Return-Path: <lucaspardue.24.7@gmail.com>
X-Original-To: edm@ietfa.amsl.com
Delivered-To: edm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DEAF9C151533 for <edm@ietfa.amsl.com>; Wed, 15 Mar 2023 06:13:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.845
X-Spam-Level:
X-Spam-Status: No, score=-1.845 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9m_DE1VKBZFx for <edm@ietfa.amsl.com>; Wed, 15 Mar 2023 06:13:27 -0700 (PDT)
Received: from mail-oo1-xc2f.google.com (mail-oo1-xc2f.google.com [IPv6:2607:f8b0:4864:20::c2f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A62D9C151532 for <edm@iab.org>; Wed, 15 Mar 2023 06:13:27 -0700 (PDT)
Received: by mail-oo1-xc2f.google.com with SMTP id h18-20020a4abb92000000b00525397f569fso2791712oop.3 for <edm@iab.org>; Wed, 15 Mar 2023 06:13:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; t=1678886006; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=PpQgYXGxkY9MV1IA9n1Zxg2Kr/J0cFHMPXvH+EkQSCM=; b=lf7vwwTYJjwEcNtem566sNRfLLHMEa9apIrqvQlnKwN4FEJZX13+tbGbkICC0ZfjJl lafjTBkWPnjEaLgthh/Ubkd781LLSDoWRvQk01Cnwm/DTgZbyokGWMhOmNaF/gGpvRXy AgpPT9gj0BdTBglOEj0zczVtLtglyr15SAYNxxT4llBELvLuphLWwB7ISZSz+bWXZfKd h756CgO4EM8yJjdVEQG5BAu8ORAKcDeIu2WK8x5KbiJ4OXBkRcgXsxDgNXS3ju57jKp6 CumqbWkMTEwyfYp8wBeLuD3sZVN+5/y2wWqnejtvXWIvw3UUQTMbz30KiKct6Lay6suS +GjA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1678886006; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=PpQgYXGxkY9MV1IA9n1Zxg2Kr/J0cFHMPXvH+EkQSCM=; b=6/p9kM+9cu50lougG0G3bqiQv1iFBIvea5Vpxzs2qp0Bwzr3BXYYbg4Mz3KC9pD9OQ bXoRjyYcl5t4Lr73A+DUNHJ1t7N/SqvKbxKC53OSTiOgcox1VNhAyMU8rWkP8xEL05bK jIPnNI7/o1VnO8/eR6xgBNc3bnbBnrE1MUkVOUecEPX30/NciGAvKyK4y6JZ+fS5IIIj p+1sAteqM24HzHqgDqoLr4mD3XNJxdf4pbpaXfvc2m5TDmVOLiGMMZwzu4g6UHVBl9hN nVI9V0wdJ8gG8cy4Ak3vw79UHS+NB5M1moByWc2x9HnZcni6OYbZci8F/mOys2Q+Tg5Q mAvg==
X-Gm-Message-State: AO0yUKWss7g/HcsHQH7o/C7S3+GqVXbf9liFjIQ44Lg9nHwFDkcUuNaT Jb/EeQvCylHZP/wEjmohuGJ0nXVCGzoW476yVhkH9dcegD4=
X-Google-Smtp-Source: AK7set+N581WOvQ0/CUNAfeGzyoai/47Bixf9dgJjCtmd7Qkij2mtEg7WQVUYJQBNRuTByRnEHBdqee7rmAP6YTSloc=
X-Received: by 2002:a4a:d384:0:b0:525:65a1:acd9 with SMTP id i4-20020a4ad384000000b0052565a1acd9mr6077882oos.0.1678886006360; Wed, 15 Mar 2023 06:13:26 -0700 (PDT)
MIME-Version: 1.0
References: <E190D24B-81E3-45F4-A2C6-06E21473C16B@heapingbits.net> <a7471db3-efe8-421a-b9fa-9acc4824ab67@betaapp.fastmail.com>
In-Reply-To: <a7471db3-efe8-421a-b9fa-9acc4824ab67@betaapp.fastmail.com>
From: Lucas Pardue <lucaspardue.24.7@gmail.com>
Date: Wed, 15 Mar 2023 13:13:15 +0000
Message-ID: <CALGR9obBioR7UFjWB-sGA96DBsMXBu7LNByDk-XRfM9DayeVSQ@mail.gmail.com>
To: edm@iab.org
Content-Type: multipart/alternative; boundary="0000000000000710ce05f6f01c56"
Archived-At: <https://mailarchive.ietf.org/arch/msg/edm/0GUy7MReLXV5GImZke6QLliHlTQ>
Subject: Re: [Edm] Tracking (and distinguishing) formal analysis
X-BeenThere: edm@iab.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Evolvability, Deployability, & Maintainability \(Proposed\) Program" <edm.iab.org>
List-Unsubscribe: <https://www.iab.org/mailman/options/edm>, <mailto:edm-request@iab.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/edm/>
List-Post: <mailto:edm@iab.org>
List-Help: <mailto:edm-request@iab.org?subject=help>
List-Subscribe: <https://www.iab.org/mailman/listinfo/edm>, <mailto:edm-request@iab.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Mar 2023 13:13:32 -0000
To echo some of what Martin said, in the QUIC sphere I tend to see research in papers or proceedings. Some of that research has identified issues with a specific implementation, confirmed that the protocol behaves in deployments as intended, etc etc. While not strict formal verification, there is perhaps merit in collecting links to artefacts to help track _use and deployment_ of a protocol after the initial design work was done and the RFC cut. Tangent: more of a tools discuss item probably - but having the list managed directly in the datatracker isn't the most user-friendly thing. As the number of items grows, it makes change management a bit tedious. It's also not clear to me who has write access (I assume just chairs and ADs?). A model where folks could propose their additions for review and approval would help crowd source that slightly. Currently as a non-logged in user, its not even obvious that the "Additional resources" field is such a free-form field and that we'd likely welcome people volunteering their own links there. Cheers, Lucas On Wed, Mar 15, 2023 at 11:24 AM Martin Thomson <mt@lowentropy.net> wrote: > I tend to think that the draft should be citing work like what you > reference. > > Still, having references to implementations, analyses, or other relevant > material, can still be valuable to collect the way you describe. I think > that this could help. Given that this is a bag of tagged URLs, the bar for > adding new types should be pretty low. > > On that thought, I'd be OK with "explanatory blog posting" meeting the > bar, as well, if you like. We've had a ton of really good ones published > over time for IETF work. Sometimes they are the best way to get > introductory-level background on the work. Add those too. > > (Tracking clicks might only offer the most vague approximation of > "value". Discussion might be a better indicator. Though in this case, the > number of people qualified to read and contribute to that work is very much > limited.) > > On Wed, Mar 15, 2023, at 22:04, Christopher Wood wrote: > > Hi folks, > > > > One of the helpful contributions of this group was changes to the > > datatracker that help track implementations of specifications (under > > "additional resources"). I've used this for a couple of specifications > > [0], and I hope others find them useful [1]. > > > > Implementations are not the only artifact that help with the > > development of specifications, though. Artifacts produced through > > formal analysis, such as executable models using tools like ProVerif or > > Tamarin and even pen-and-paper analyses, both change as the > > specification changes. As we develop specifications, new analyses > > appear over time, including after the final RFC is published. > > > > Given that these artifacts have similar churn as implementations, and > > complement specifications in a similar way as well, I'm wondering if we > > ought to extend the available tags in the datatracker to keep track of > > these things. As a strawman proposal, what do folks think about adding > > a "related_analyses" tag (similar to the "related_implementations" tag) > > to the set of available tags in the datatracker? We might use it like > > so: > > > > related_analyses https://github.com/cloudflare/ohttp-analysis > > (Tamarin model of Oblivious HTTP) > > > > Additionally, I'm wondering if we could also add a way to "flag" > > different resources so that they are easier to identify. Not everyone > > might know what a "Tamarin model" is. So for example, perhaps we could > > have colored label that says "analysis" (or something) next to the > > rendered item in the datatracker. > > > > Good idea? Bad idea? I'm curious to hear your thoughts. If interested, > > maybe we could discuss this in 116? > > > > Best, > > Chris > > > > [0] https://datatracker.ietf.org/doc/draft-ietf-ohai-ohttp/ as one > > example > > [1] I don't know how useful these are to others. Do we have a way to > > determine how many times these links are clicked? > > -- > > Edm mailing list > > Edm@iab.org > > https://www.iab.org/mailman/listinfo/edm > > -- > Edm mailing list > Edm@iab.org > https://www.iab.org/mailman/listinfo/edm >
- [Edm] Tracking (and distinguishing) formal analys… Christopher Wood
- Re: [Edm] Tracking (and distinguishing) formal an… Martin Thomson
- Re: [Edm] Tracking (and distinguishing) formal an… Lucas Pardue
- Re: [Edm] Tracking (and distinguishing) formal an… Christopher Wood
- Re: [Edm] Tracking (and distinguishing) formal an… Lucas Pardue
- Re: [Edm] Tracking (and distinguishing) formal an… Charles Eckel (eckelcu)