Re: [Edm] Protocol testability
Lucas Pardue <lucaspardue.24.7@gmail.com> Wed, 29 March 2023 01:03 UTC
Return-Path: <lucaspardue.24.7@gmail.com>
X-Original-To: edm@ietfa.amsl.com
Delivered-To: edm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 20D49C151B30 for <edm@ietfa.amsl.com>; Tue, 28 Mar 2023 18:03:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.844
X-Spam-Level:
X-Spam-Status: No, score=-6.844 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eSHBVvGfuMQZ for <edm@ietfa.amsl.com>; Tue, 28 Mar 2023 18:03:40 -0700 (PDT)
Received: from mail-oi1-x22e.google.com (mail-oi1-x22e.google.com [IPv6:2607:f8b0:4864:20::22e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 51A68C14EB17 for <edm@iab.org>; Tue, 28 Mar 2023 18:03:40 -0700 (PDT)
Received: by mail-oi1-x22e.google.com with SMTP id bi31so10435514oib.9 for <edm@iab.org>; Tue, 28 Mar 2023 18:03:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; t=1680051819; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=GcHZi376iJ1jePmmIS88XlgEJ1BL/W4RFxaHj3rCGfw=; b=bJxVAwtVZC0kyNZ17Q16Z9HHTTvZXpkvLl5ibY0iKo0vG0RUjaEkPDIsGd5ZSLpnkD nOh76sH6jjgHp9SlmWrT3SqAke3gndYVKNjKMci9ryYBTFcA0c9g4hj/N+Mrfzbuk/NS uXKH5xEnDEzmCx9U9+kfg39wMn3v4E7R1OgPTZPoWGe6O8BOZG48J1I880W/Bx91yl5d tOpAjbmtm+2xbXZrE8XFMHFopLGkPi12UUq27T/zZ87twByzxZuPwgKFmkW7Yn65+qPt g/4RULOxMczZpsLu67m31iZEB1omxtFroLlvPpRGUIxrYTRgvFXHCefQFoStJofk4x2p EHIA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680051819; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=GcHZi376iJ1jePmmIS88XlgEJ1BL/W4RFxaHj3rCGfw=; b=SCrZtteIhnfljabLw/FLnt7nFpHIsw9wfsxi7+s5dmcOy+gS9k8qzUb6GhNJYha33T InJYaNo8dln6cQpfQERFpXenBdIhoAGtKxYfU6PKQlUwU3Pb28MVgLHHqT3NRNGo1uVm /PmTr+XYFqHHbA6q3OjkOkdnCoeKWLgkQpUpIs5hwNeD4zXOdGlFVsUk+JPvXaAeMaAT 7+tLZyo3/CtgkYFfot5BYgcu5d71UBVbiq9fdC2LbHNWoaxLZKmTQs0ynMK7EU3k1li4 72xjW/4FdW1GpJy/iWerwfCpz89IaKYDnKC+13bu/DuBYzUPOtOX0BzoHDsiK22uF1JJ q4Tw==
X-Gm-Message-State: AAQBX9fgLb79IG0n6V02PR9SWya6IJJa9ECG9fghKxHLwXwA4tVSiUTo codfpwmwAjUTwllUgLY8Np3OLtfkncmqmL+AaB5W7a7IIq4=
X-Google-Smtp-Source: AKy350bwD+fbY0gLAYobPlDVdX9kSXnA3yghmJM+Wpds/Hmzl9Aw9iohkEfpP5AsRlWTgS5IXHnjQUEok8Q0z0XCof4=
X-Received: by 2002:a05:6808:2389:b0:37f:a2ad:6718 with SMTP id bp9-20020a056808238900b0037fa2ad6718mr283462oib.3.1680051819155; Tue, 28 Mar 2023 18:03:39 -0700 (PDT)
MIME-Version: 1.0
References: <C10E5882-5FF8-45DF-8463-DC15C64BA2D9@heapingbits.net>
In-Reply-To: <C10E5882-5FF8-45DF-8463-DC15C64BA2D9@heapingbits.net>
From: Lucas Pardue <lucaspardue.24.7@gmail.com>
Date: Wed, 29 Mar 2023 02:03:27 +0100
Message-ID: <CALGR9obKcwwZzvWvbNdq8zAT3aGd2VHo76g_jZr8oSy93TazPg@mail.gmail.com>
To: Christopher Wood <caw@heapingbits.net>
Cc: edm@iab.org
Content-Type: multipart/alternative; boundary="000000000000e2943a05f7ff8ba0"
Archived-At: <https://mailarchive.ietf.org/arch/msg/edm/CFxENf2YkYofgtU30cANagpq2FY>
Subject: Re: [Edm] Protocol testability
X-BeenThere: edm@iab.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Evolvability, Deployability, & Maintainability \(Proposed\) Program" <edm.iab.org>
List-Unsubscribe: <https://www.iab.org/mailman/options/edm>, <mailto:edm-request@iab.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/edm/>
List-Post: <mailto:edm@iab.org>
List-Help: <mailto:edm-request@iab.org?subject=help>
List-Subscribe: <https://www.iab.org/mailman/listinfo/edm>, <mailto:edm-request@iab.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Mar 2023 01:03:44 -0000
Hi Chris, Your thoughts in the room and your email make sense to me. To speak specifically to the QUIC final size bug that we talked about. It was mentioned that it was the sort of thing that should have been a unit test. Indeed, after identifying the root cause and a fix, a new test was added along with it. The interesting part here was that _in the same implementation_ the bug was in the sender side, while the receiver side followed the RFC and effectively had no bug. This is slightly different from a failure to implement a "feature vertical". Given that this should have been easy to spot within the same implementation, there was little barrier to a test catching it. So to pick up on your 3rd and 4th points, I think another aspect is the extra dimensionality that arises from packet loss. Potentially every unit test could be duplicated for a loss condition. This sort of thing adds cognitive overhead when writing tests. In the meeting we talked about interop testing and exercising different network conditions. That's doable and a good thing. What is potentially less common is assistance in writing, or more ideally just automagically doing, multivariate testing at the level of unit or integration testing. I'd be interested in hearing other's experiences here about what might exist to address this part of protocol development, implementation, and maintenance. Cheers Lucas On Wed, Mar 29, 2023 at 1:27 AM Christopher Wood <caw@heapingbits.net> wrote: > Apologies again to everyone for making you sit through my rambling > thoughts earlier in the meeting. Here's my attempt to better articulate > what I was trying to say at the mic. > > The bug that was mentioned in the meeting seems to have manifested in > practice because of a lack of "proper" testing, for some definition of > proper. This happens all the time, and for good reason: perhaps the easiest > way we validate a protocol specification is by deploying it and seeing if > it works in practice. A much harder (and, frankly, equally imperfect) way > would be to spend all of our energy on improving tests and our test > harnesses. > > So the way I see it, there are basically two extremes for how we validate > protocol specifications. One extreme is where we could write exactly zero > tests and rely entirely on deployment experiments to determine if a > protocol is correct. The other extreme is where we could focus entirely on > tests and do no deployment to determine correctness. In practice, we wind > up somewhere in the middle. > > Where different implementations fall on this spectrum varies a lot in > practice and is influenced by a number of things: > > - How much time pressure there is to ship software. > - How many different implementations exist for the purposes of perfroming > interop tests. > - How many resources there are to dedicate on tests and test harnesses, > and how feasible it is to implement tests in different environments. > - How complex the protocol is and, consequently, how difficult it is to > produce test vectors to exercise different parts of the protocol. > > There may certainly be more. I don't think there's a "right" answer as to > where anyone should fall on this spectrum of testability, but I wonder if > it would be useful for us to retroactively look back at collaborative > efforts of different protocols to see if there are any trends worth > documenting. QUIC is an obvious candidate here. I mentioned Oblivious HTTP > in the meeting. Maybe there are others? > > Time provided, I'm willing to help look back at time and collate this > information, though I'm curious to hear what folks think about this topic > in general. > > Best, > Chris > -- > Edm mailing list > Edm@iab.org > https://www.iab.org/mailman/listinfo/edm >
- [Edm] Protocol testability Christopher Wood
- Re: [Edm] Protocol testability Lucas Pardue