IETF Logo Mail Archive

RE: Last Call: <draft-housley-implementer-obligations-01.txt> (Expectations of Implementers of IETF Protocols) to Informational RFC

"Adrian Farrel" <adrian@olddog.co.uk> Sat, 10 May 2014 18:35 UTC

Return-Path: <adrian@olddog.co.uk>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 573E71A009A for <ietf@ietfa.amsl.com>; Sat, 10 May 2014 11:35:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.9
X-Spam-Level:
X-Spam-Status: No, score=-101.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a7JdwMV0NhXg for <ietf@ietfa.amsl.com>; Sat, 10 May 2014 11:35:05 -0700 (PDT)
Received: from asmtp3.iomartmail.com (asmtp3.iomartmail.com [62.128.201.159]) by ietfa.amsl.com (Postfix) with ESMTP id A8FC71A028A for <ietf@ietf.org>; Sat, 10 May 2014 11:34:37 -0700 (PDT)
Received: from asmtp3.iomartmail.com (localhost.localdomain [127.0.0.1]) by asmtp3.iomartmail.com (8.13.8/8.13.8) with ESMTP id s4AIYUXh031722; Sat, 10 May 2014 19:34:30 +0100
Received: from 950129200 (dsl-sp-81-140-15-32.in-addr.broadbandscope.com [81.140.15.32]) (authenticated bits=0) by asmtp3.iomartmail.com (8.13.8/8.13.8) with ESMTP id s4AIYTKv031716 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Sat, 10 May 2014 19:34:29 +0100
From: Adrian Farrel <adrian@olddog.co.uk>
To: ietf@ietf.org
References: <20140509191841.18372.97889.idtracker@ietfa.amsl.com>
In-Reply-To: <20140509191841.18372.97889.idtracker@ietfa.amsl.com>
Subject: RE: Last Call: <draft-housley-implementer-obligations-01.txt> (Expectations of Implementers of IETF Protocols) to Informational RFC
Date: Sat, 10 May 2014 19:34:22 +0100
Message-ID: <06a301cf6c7e$770e51e0$652af5a0$@olddog.co.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQHUy7wUCCxDwCIafHf3fT22Q9jqmZsvZRkg
Content-Language: en-gb
X-TM-AS-MML: disable
X-TM-AS-Product-Ver: IMSS-7.1.0.1576-7.5.0.1017-20686.001
X-TM-AS-Result: No--29.680-10.0-31-10
X-imss-scan-details: No--29.680-10.0-31-10
X-TMASE-MatchedRID: hwsFDxVJcFkzx9GDMr0HvzYTypjB3iDVuikHZcC6ceATVJPv0YKEKTwn POyASCbr2kv68ydFqfcuntQAyESQiUNfxUxRf3opcFEiuPxHjsVcSMp/1+Epp9+TEN9qHKjTnsE p7XWxcchb070HRH+XCmLRb/3uYlKNfKqAHsoGWxCvnWBILruGlRN1nZpH38gg1dB3OH9LZUqxvz PMQm2tsveExRIv1fiqFru/75BTNrk86jprCBoTOQPZZctd3P4BJCrNy6AbUJXYWrp179pohmFOi exrr+Z/VaNqT/Qf0KxTUEIotwiIxJ2lwdg+xyRxYD9XTRdaMO1kBDPLxNH5BgDqzaYhcjeQyJiV HsxfXPg2i/7Yd9EVFFfIICmtvJUnVOSZp87t6zDr/EBmiNuXt5OBXaF4TRYNY0mfc+80OXQJnt1 t7wDwiE5Bvgb5D8g0s87GQfVN3I782GXoCnKuJ0+4wmL9kCTxj/xLIaDSshHE3grQNcpLWFCRBL PlmuBNBg+jbo7iEvu+74rinx1E3PcQy4v/zdDwwCZxkTHxccn1A+HzbPqZGuQydRUvl3QTRFc/M wCIIKWV18eyPf5mlJZgn5pLJS0I/ws1APs2xqHfhvTQ/n1nGb+rZ62pfS6OVfOB6z8Qn2yxgpAs VRsHu/938XLa6cYxaEd/qsqbLK7Ncm2bW2t5nGZUc2jtcaSd0Wobj8GkNVq4gUyzJIDbFplFuEm Jp3YaXhM78qWqeGeDpSfmYnSaxPCyXojAU5LKngIgpj8eDcC063Wh9WVqghziNLWewPgd+gtHj7 OwNO0CpgETeT0ynA==
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/5bcfpQkzYdPikpdrH99H-6b_-t0
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: adrian@olddog.co.uk
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 10 May 2014 18:35:07 -0000

While I appreciate the effort the author put in to resolve previous
discussions, I do not support the publication of this document.

The thrust of my previous comments were to say "It is all platitude, 
but probably harmless" and "at whom is this document aimed". This 
review is in a little more detail. I still find the whole document to
be one big platitude that does not need to be published, but I have also
found a number of things that I think need to be fixed.

---

This document significantly conflates advice to implementers wishing to
ensure interoperability, best practice for people claiming to have
implemented (i.e., claiming conformance to) a specification, and 
constraints to the freedom for implementers of IETF specifications.

As the text notes, IETF specifications (please don't call them standards
unless that is what you really mean) are not mandatory to implement. So
the text really must not tell people what they must or must not do. For
example, the Abstract says "By choosing to implement..." This is
nonsense! I can choose to do what I like. If I choose to implement stuff
and tweak it and make it better, that is entirely my choice. 
Maybe you could have said "By claiming to have implemented..." But even
that is marginal. We are not the Internet Police and we have no 
influence in the world of advertising or marketing. Nor do we run 
conformance labs. This attempt at constraining implementations is bogus
and needs to be removed from the document.

As far as interoperability is concerned, it is great to give concrete
advice. When the Introduction says
   This document provides advice to implementers of IETF protocols to
   improve interoperability of their implementations.
it would be wonderful if the document lived up to the claim. But this
claim seems to be at odds with the document Title and Abstract and all
I find in the document is effectively "If you want two implementations
to interoperate, they need to implement the same thing." Well, if that
comes as a surprise to anyone perhaps they are in the wrong business.

So what is the document actually trying to do and say, and to whom?

---

The document also contains a lot of passive voice that hides the
motivation for the text. For example, the Abstract says "...one is
expected..." Expected by whom? Why? Perhaps you can attribute the 
expectation to make this meaningful.

---

Introduction
"IETF protocols foster interoperability."
I don't believe this is true. A protocol cannot of itself achieve this.
Possibly the clear specification of a consensus-based protocol can do
that. Possibly.

---

Introduction
   Yet, IETF standards are
   voluntary standards.  No one is required to implement them.
   Implementation is a choice.  By making this choice, an implementer is
   expected to:

      (1) Follow the protocol specification;

Please clarify "IETF standards" since you almost certainly don't mean 
what you have written.

But note that this text is circular. Implementation of a specification 
is, by definition, following the specification. So this text doesn't
say anything! It is the *claim* of implementation that has an 
expectation attached to it. What I do in the darkness of my own room is
not a matter for anyone's expectations.

---

Introduction

   When implementers meet these expectations, protocols interoperate as
   intended by the IETF.

This is a mixed message. Are you trying to set out the expectations on
people who implement (or claim implementation), or are you giving advice
on how to achieve interoperability?

---

Section 2

   An implementer needs to maintain their implementation
   into the future.  It is not sufficient to do an initial
   implementation of the protocol.  One needs to apply changes as they
   come out.

While the example given is highly desirable, it does not go as far as 
"needs to". An implementation is a snapshot, a moment in specification
history, and is correctly described as such. There is no moral or other
binding on the implementer to make a change, just as there was no 
requirement that the implementer select a particular specification to
implement.

When I implement a protocol as specified in an RFC I am not making a 
commitment to update my implementation to fix bugs in the specification
or to add features.

Furthermore, not all protocol extensions are desirable in all 
environments. There is no requirement for an implementer to add a widget
as there is no requirement for an implementer to implement version 2 of
a protocol or to pick up fixes to version 1.

---

Section 3

I am not comfortable with this attempt to define the purpose and meaning
of BCPs over and above RFC 2026. The statements in this section might 
reflect how BCPs have been used in the past, but this text is too strong
in the way it looks to the future. It might be appropriate to put this 
into the past tense...

   Best Current Practices (BCPs) about IETF protocols (not the BCPs that
   define IETF processes and procedures) have often been used to 
   document IETF consensus about operational or implementation practices
   pertaining to IETF protocols.

By *your* definition of BCP, why is this document not a BCP?

---

Section 3

   By following the BCPs,
   implementers, operators, and administrators are able to provide a
   common experience when using the protocol, regardless of their point
   of attachment to the Internet.

Do you mean "provide" or "obtain". If "provide" then provide to whom?

---

Section 3

   Sometimes BCPs are referenced in the protocol specification.  Often
   the implementer needs to look through the BCP index to find related
   BCPs.

The implication here might be that by checking the list of BCPs an
implementer will find all of the relevant advice and guidance outside the
specification itself. This is not true. There are plenty of 
Informational RFCs describing ways to build and deploy protocols. And 
there is this (under-used) thing called an Applicability Statement
[RFC 2026 - section 3.2].

Adrian

v2.23.0 | Report a Bug | By Email