IETF Logo Mail Archive

Re: [Edm] [arch-d] Call for Comment: <draft-iab-use-it-or-lose-it-02> (Long-term Viability of Protocol Extension Mechanisms)

Brian E Carpenter <brian.e.carpenter@gmail.com> Thu, 26 August 2021 03:39 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: edm@ietfa.amsl.com
Delivered-To: edm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AD9DA3A124B for <edm@ietfa.amsl.com>; Wed, 25 Aug 2021 20:39:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oAUfDaK-39oV for <edm@ietfa.amsl.com>; Wed, 25 Aug 2021 20:38:58 -0700 (PDT)
Received: from mail-pf1-x42a.google.com (mail-pf1-x42a.google.com [IPv6:2607:f8b0:4864:20::42a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 640973A124A for <edm@iab.org>; Wed, 25 Aug 2021 20:38:58 -0700 (PDT)
Received: by mail-pf1-x42a.google.com with SMTP id j187so1554609pfg.4 for <edm@iab.org>; Wed, 25 Aug 2021 20:38:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-language:content-transfer-encoding; bh=If6srtlFuQ50bhAtUiriHnKMh1QeavIqjgEqEDEigJM=; b=ZkkmPRHd4c9/itfjdHFWoUF6G+cnSyauIkPKIC0KWm7p5cNjvrOMiDgVRkCuYrf+dy M0Dhy8Im5pToRkaC9NLq/qah0gP0huhnyo7+JrDFA/aDzCcFw9AVn0DmXu1Eg2gEZAIU /9f7R/t9sj73ZxuXwxzGYkAh4L36jVNkGaTv5sk7L6t27tUYK/YjVQvAInExLft8rPEG P28TYMbIk7JhRabogWv8zcSl2//xr2MbZTxxQatDCZWDkIidR2vn2ty3pfT1gsypIfBy X1SVKFmxXWmluv3weD8c4M1oPHjI+wvE+Jqy3MogSqM7jqsuxdmU7XykeGnicKZNO0de JE/Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=If6srtlFuQ50bhAtUiriHnKMh1QeavIqjgEqEDEigJM=; b=IIJAJ9FXYZvJLatVRuiIgfPXBjeF322jItHv6TUNjOvAn67nM8VXckCEWfmTrqls4O pLfKGwoPeC0cPzsKTCke6i0UVUIGz1fGRcXfdDfMGRYcu89mgmfaMFM9XMZsB9rdJvER PF8pBzlbW0sA0Fa+1YmYbf4TMhBsB9H5yAXd0MJGMUYLBztLYujF/AMYHNbcvEjSUzgV 286L9EoV3EuufBTe4FqvPL9hs5ws1Mz6BsIMhjPPTIkCoSzJ75+Gs1U+Rl75QaCMSZHE uMkZcxJrAjKa6/UCDLgrma/+FzZW8YKAYGMiN756PIGt9dnvgCvSszKVkqkHxW8suS+4 yyhg==
X-Gm-Message-State: AOAM532j7Oz2bfba6o7hggaGey4yr+Vni5WgT7s4mMPCZip41TKWJqn5 hSmgGp83Bul0l4Qoj5c0ZU5vN2T2YWiidg==
X-Google-Smtp-Source: ABdhPJy3RbInS8ykJMw9RPwYAvkm4Lme9vOWMNYO//X8SZQS0XgZj/bFYmLIbb2IPA+rkxAknVHqMA==
X-Received: by 2002:a63:4206:: with SMTP id p6mr1410958pga.449.1629949136107; Wed, 25 Aug 2021 20:38:56 -0700 (PDT)
Received: from ?IPv6:2406:e003:11d3:cf01:80b2:5c79:2266:e431? ([2406:e003:11d3:cf01:80b2:5c79:2266:e431]) by smtp.gmail.com with ESMTPSA id b7sm999431pfl.195.2021.08.25.20.38.54 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 25 Aug 2021 20:38:55 -0700 (PDT)
To: Martin Thomson <mt@lowentropy.net>, edm@iab.org
References: <162991703946.25379.3009360954932586670@ietfa.amsl.com> <078f0246-6e3f-1a49-38e7-cfdae1539c93@joelhalpern.com> <d12b1bf0-e120-f686-d1af-3f63fea15f56@gmail.com> <df951c5c-5bd9-444b-b764-1506e5ec9fb1@www.fastmail.com>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Message-ID: <cdf079d2-0a48-d576-f31d-e1dd08cddaf8@gmail.com>
Date: Thu, 26 Aug 2021 15:38:52 +1200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.10.0
MIME-Version: 1.0
In-Reply-To: <df951c5c-5bd9-444b-b764-1506e5ec9fb1@www.fastmail.com>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/edm/NPKPEjfczoJH35K1ZN6Xy-MLI_4>
Subject: Re: [Edm] [arch-d] Call for Comment: <draft-iab-use-it-or-lose-it-02> (Long-term Viability of Protocol Extension Mechanisms)
X-BeenThere: edm@iab.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Evolvability, Deployability, & Maintainability \(Proposed\) Program" <edm.iab.org>
List-Unsubscribe: <https://www.iab.org/mailman/options/edm>, <mailto:edm-request@iab.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/edm/>
List-Post: <mailto:edm@iab.org>
List-Help: <mailto:edm-request@iab.org?subject=help>
List-Subscribe: <https://www.iab.org/mailman/listinfo/edm>, <mailto:edm-request@iab.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Aug 2021 03:39:01 -0000

On 26-Aug-21 11:43, Martin Thomson wrote:
> On Thu, Aug 26, 2021, at 09:17, Brian E Carpenter wrote:
>> Looking back in the draft, I see that it intentionally ducks the 
>> question: "This document largely assumes that extensions are not 
>> deliberately blocked." But what if they are? That's what firewalls do 
>> for a living and it's a major block on innovation. 
> 
> Yes, you are not the only one.
> 
> However, this is very much not in scope for this work.  Another document can attempt to convince people that their security goals might need to come second to allowing innovation.  (I realize that this might diminish its value for you, but that larger scope is a larger lift than I'm willing to undertake.)
> 
>> I'm not suggesting that this document can solve the problem, but can we 
>> have a more complete acknowledgement of it than the sentence quoted 
>> above?
> 
> I can see two angles on this.
> 
> 1. Where the firewall knows about a feature and specifically chooses to blocks it.
> 
> 2. Where the firewall doesn't know about a feature and blocks it because it doesn't understand it.
> 
> Can you agree that there is nothing we gain from trying to do anything about (1)?

Not much, because sadly Steve Bellovin's "Distributed Firewalls" paper from 1999 failed to revolutionise the industry. (The point being that configuring and applying such blocking *only* at the destination host allows consenting hosts to receive everything they want and drop everything they don't want.)

> 
> For (2), I very deliberately avoided making the distinction.  My experience with firewalls varies.  We had a bunch of really constructive discussions with Web Application Firewall people who very much don't want to block innovation, but who had done so inadvertently.  On the other hand, blocking the unknown is very much a stated goal of many SIP SBCs.

Indeed. Also solved 20+ years ago by Bellovin, but such is history.

> 
> As far as the pain we all feel as a result of the policies these firewalls apply, that's just part of our job.
> 
> At best, the only thing we might do is acknowledge that this distinction exists.  The conclusion would still be the same though.  We might disagree with the policy, or even the right to apply the policy, but as long as we can't prevent someone from applying the policy, it still results in hard constraints for which this document has no answers.

I agree. All I'm suggesting is to state it a bit more explicitly. The current sentence is only a <shrug>.
> 
>> (2) Again in 2.3 "Multi-Party Interactions and Middleboxes", should 
>> there be a discussion of a complex situation where N peers are 
>> communicating using protocol P, but each peer potentially supports a 
>> different subset of extensions? That gives you up to N^2 possible 
>> variants. It's not insoluble, but it needs a bit of care in protocol 
>> design (and is different than in a traditional client/server model).
> 
> That seems like it is not in scope here, but more of a question of how you might design a multi-party protocol for extension.

True, but the section's title made me expect more than I found in the text.

   Brian

v2.23.0 | Report a Bug | By Email