IETF Logo Mail Archive

Re: Question about BCP 14 / RFC 8174

Carsten Bormann <cabo@tzi.org> Fri, 29 August 2025 04:53 UTC

Return-Path: <cabo@tzi.org>
X-Original-To: ietf@mail2.ietf.org
Delivered-To: ietf@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id DCD895A6EC15 for <ietf@mail2.ietf.org>; Thu, 28 Aug 2025 21:53:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -3.989
X-Spam-Level:
X-Spam-Status: No, score=-3.989 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, T_SPF_PERMERROR=0.01] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=neutral reason="invalid (public key: not available)" header.d=tzi.org
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KfiI6VQF8Sll for <ietf@mail2.ietf.org>; Thu, 28 Aug 2025 21:53:26 -0700 (PDT)
Received: from smtp.zfn.uni-bremen.de (smtp.zfn.uni-bremen.de [IPv6:2001:638:708:32::21]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id A79A95A6EC0E for <ietf@ietf.org>; Thu, 28 Aug 2025 21:53:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=tzi.org; s=2019; t=1756443205; bh=T3D75BC0wi442fo0qkA1gK4fhl89J3nG0hYSokS2G/4=; h=Subject:From:In-Reply-To:Date:Cc:References:To; b=HnMetQWZhYzJ04vzuucRNipEPq4K2u8OBSwZ/gdwNxAungQTqfFY6b2sNdvC9RDnN LR4BZyyaH3hL8GQVR5ZTB9WUe20v4HnQp1eKHEl2GreWJMW+45+8tlCqaasZBjWaN7 WXj8GCzz5ekMZpG/mATZIgcUzm185iD0hM8GWsKjqt6mBaxL2JZ+E7SIW2+60Sl6uF 8sI2aqnf1uEhJLTAWSsbhaXtX/5LqSJpAjrwzjp5ogE1jgCje3l/DFy2nuq/gwSaU1 DltZHCayxIBHuIlffOiTCSHSklVienCFQrsy2ESDXGom5R/xMi/w1AXt5DswOmp/XA uuBZwaFnuN7wQ==
Received: from smtpclient.apple (p5dc5df6f.dip0.t-ipconnect.de [93.197.223.111]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.zfn.uni-bremen.de (Postfix) with ESMTPSA id 4cCm9w5SWQzDCbN; Fri, 29 Aug 2025 06:53:24 +0200 (CEST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3826.700.81\))
Subject: Re: Question about BCP 14 / RFC 8174
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <D739413C0AE13FFFFCB670A2@PSB>
Date: Fri, 29 Aug 2025 06:53:14 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <001F077C-108C-4FC7-93F5-9E72CD9698BB@tzi.org>
References: <aKzK5qdwLUHSa3JL@ubby> <CAC4RtVASn123qUSuFZg50wL4Nrjebz=QMf5AU=jeZLgQd5fsDg@mail.gmail.com> <9953f535-672f-49de-8b8f-9e1a471d97b8@gmail.com> <aLDiRY6Tw7PTKQoy@faui48e.informatik.uni-erlangen.de> <51f521aa-0b66-4f35-a9b1-815cb92a169e@gmail.com> <D739413C0AE13FFFFCB670A2@PSB>
To: John C Klensin <john-ietf@jck.com>
X-Mailer: Apple Mail (2.3826.700.81)
Message-ID-Hash: HEOECHD6Y3HPT5CVNNC3FMAZCVHKKTXI
X-Message-ID-Hash: HEOECHD6Y3HPT5CVNNC3FMAZCVHKKTXI
X-MailFrom: cabo@tzi.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ietf.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: ietf@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
List-Id: "IETF-Discussion. This is the most general IETF mailing list, intended for discussion of technical, procedural, operational, and other topics for which no dedicated mailing lists exist." <ietf.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/2tE4VswmQ7vS2YA2CHefPPBD0bg>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Owner: <mailto:ietf-owner@ietf.org>
List-Post: <mailto:ietf@ietf.org>
List-Subscribe: <mailto:ietf-join@ietf.org>
List-Unsubscribe: <mailto:ietf-leave@ietf.org>

On Aug 29, 2025, at 04:47, John C Klensin <john-ietf@jck.com> wrote:
> 
> if we more often
> insisted on "SHOULD ... unless" discussions where they are possible
> -- e.g., "You SHOULD look both ways before crossing the road unless
> you are being chased by a dangerous animal" -- we'd probably have
> fewer misunderstandings of what SHOULD implies, 

I’d say the IESG is already doing a good job here in its reviews (definitely helped by the various area/directorate reviewers), at least for the last few couple of years.

We could of course point out the need for this review more prominently (I can’t find the “manual” id-nits statement right now, but it should be there, or maybe even in the directorate-specific review guidelines, e.g., for GENART).

The idnits tool can’t really check this.

An LLM can render at least some assistance, see below.
(Some prompt engineering may be required to focus this on BCP14 usage.)

Grüße, Carsten


Comments on the below LLM answer:
(Ugh, fragment identifiers… I need to find someone to tell us how to do this right.)
The comment on 3.4 is interesting, as I believe the usage of NOT RECOMMENDED here is fully justified even without an unspecific “unless a bear chases you” clause, as in “unless the benefits significantly exceed the drawbacks of depending on the serialization order”.
Maybe these two instances reflect that using BCP 14 for aspects of registration actions possibly involving designated experts has its own characteristics we haven’t fully captured yet.


# In rfc8949, are there any statements of the form SHOULD or RECOMMENDED (BCP14) that do not explain the exceptional conditions that must be fulfilled before the statement does not need to be heeded?

Yes. RFC 8949 contains BCP 14 SHOULD/RECOMMENDED usages without stated exception conditions.

Two clear examples:
    • Section 3.4 (Tagging of Items): After noting a few tags whose semantics depend on serialization order, the text says “The definition of new tags with this property is NOT RECOMMENDED.” It provides rationale but does not enumerate conditions under which ignoring that guidance would be acceptable. ​⁠https://datatracker.ietf.org/doc/html/rfc8949
    • Section 9.5 (Structured Syntax Suffix Registry):
        • “The syntax and semantics of fragment identifiers specified for +cbor SHOULD be as specified for ‘application/cbor’.”
        • “The syntax and semantics for fragment identifiers for a specific ‘xxx/yyy+cbor’ SHOULD be processed as follows: …”
These establish recommended behavior but do not spell out exceptional circumstances for deviating. The parenthetical note about there being no fragment identifier syntax for application/cbor at publication time is contextual information, not an exception clause. ​⁠https://datatracker.ietf.org/doc/html/rfc8949

In short, while the document generally uses BCP 14 precisely, it does include SHOULD/NOT RECOMMENDED statements that lack an explicit “unless…” or enumerated exceptional conditions. ​⁠https://datatracker.ietf.org/doc/html/rfc8949

v2.35.0 | Report a Bug | By Email | System Status