Re: deprecating Postel's principle - considered harmful
Keith Moore <moore@network-heretics.com> Fri, 10 May 2019 23:14 UTC
Return-Path: <moore@network-heretics.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7FF261200F7 for <ietf@ietfa.amsl.com>; Fri, 10 May 2019 16:14:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=messagingengine.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uMHbtZLiNr07 for <ietf@ietfa.amsl.com>; Fri, 10 May 2019 16:14:55 -0700 (PDT)
Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9400E1200E3 for <ietf@ietf.org>; Fri, 10 May 2019 16:14:55 -0700 (PDT)
Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id 856CA23E47; Fri, 10 May 2019 19:14:54 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162]) by compute6.internal (MEProxy); Fri, 10 May 2019 19:14:54 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=G7ObV4mfWrPscRvemY8e/45n5CxpNDkO/k2ithTfz 8k=; b=toBMEdbzkad6RhPAuEt0T4NG/CTnZyvR5iiHhnTl5yx4lkn6ElRX7pD68 8mz44ezzx+ylTzDHSOzkiNf6fL3rFwJT6PLCciiKKF2E/oXYU1yCjL0AESNxaTk+ elpapbyL5M7XIIfFWR5xxEs633P9RVn0Y5D46R/5D0FdLnW+OPbJhJ7m7uxIY5Ie Bauog0ZADWav1UdynKkDm/yD8Q9MUuXV1gCCeAlgRC31tLL05ZO8pWj5rjAZWBwb pyftJnAgimstsTvEaCHFUG694dtVrQ0O6HD7zWkuNc2PghJp1bkIJ58lyD6i3oUI IQXKBuYPy15zO0MQFJJAQyw1gAp9Q==
X-ME-Sender: <xms:7QXWXB9kMCbevGG01pvPn_zyJHfTecRdY0-ZQ57SNFaJiqTUS0Rxaw>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduuddrkeelgddvtdcutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepuffvfhfhkffffgggjggtgfesthekre dttdefjeenucfhrhhomhepmfgvihhthhcuofhoohhrvgcuoehmohhorhgvsehnvghtfiho rhhkqdhhvghrvghtihgtshdrtghomheqnecukfhppedutdekrddvvddurddukedtrdduhe enucfrrghrrghmpehmrghilhhfrhhomhepmhhoohhrvgesnhgvthifohhrkhdqhhgvrhgv thhitghsrdgtohhmnecuvehluhhsthgvrhfuihiivgeptd
X-ME-Proxy: <xmx:7QXWXM_h8u-wGc4jtMU9-SProL52Uc2QbHZEsHx1EU7XIlXgHUVfow> <xmx:7QXWXHmBqfw0Hw-CrDuSdvrjr5dycaTYk2o6ZmKxVEtmJ1tjYoV11A> <xmx:7QXWXC12fgk26m3c3YDZ-qMOeDCiCtZCfaV7vHZxcBCF2XVjDc2FhA> <xmx:7gXWXAgmkOoh7TAGspWenB2GLRTiSrUOrEzFDsnX5kmrHvwOHefYBw>
Received: from [192.168.1.66] (108-221-180-15.lightspeed.knvltn.sbcglobal.net [108.221.180.15]) by mail.messagingengine.com (Postfix) with ESMTPA id 7891B80059; Fri, 10 May 2019 19:14:53 -0400 (EDT)
Subject: Re: deprecating Postel's principle - considered harmful
To: ietf@ietf.org
References: <4255f805-9d9e-10a0-e6be-309779a33d26@network-heretics.com> <CAMm+LwgrVQtjLuwCyeyFpEzNzLwnYhoMjc0POdZSE8MwtetioA@mail.gmail.com> <20190510214417.GY21049@localhost> <CAMm+LwgXPzF0K08jN2y4yY+Uv1879vU1PxJTOoa9y4Jhu5G_Cg@mail.gmail.com> <20190510224746.GZ21049@localhost>
From: Keith Moore <moore@network-heretics.com>
Message-ID: <5da942c1-8f51-4e56-ab24-365a69ec587f@network-heretics.com>
Date: Fri, 10 May 2019 19:14:52 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <20190510224746.GZ21049@localhost>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/5xdZDU-Le4Q-rtoFW66ULGVKXow>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 May 2019 23:14:57 -0000
On 5/10/19 6:47 PM, Nico Williams wrote: >> MITM proxies introduce their own horrors and they are an example of the >> cost of trying to remain principled in an unprincipled world. We could do >> MITM in a much better way than we have ended up with. But we can't come to >> consensus on a protocol of that sort. > Consensus isn't the problem. The problem is that HTTP/1.x was so > trivial to implement (bash + printf + nc can do it) that there are too > many "stacks" in which to implement something new, so it can't be done. Number of implementations (which can be related to ease of implementations) is something that I suspect affects which of EKR's equilibrium points the situation ends up in. A protocol that's easy to implement should be considered a success, IMO, but it does make it harder to evolve the protocol. (These days there's a bit of religious dogma floating around the idea that everyone should keep all of their protocol stacks current. While I understand the sentiment, and often agree in specific cases, I'm not sure it scales well especially into the IoT world. There's something to be said for a protocol that's so well-designed and stable that it doesn't need to be upgraded, and stable enough that it's worth spending the time to get the implementation right the first time. I'm sure some people regard that as heresy, but there are lots of negative consequences associated with constantly having to have upgrades, including increased development/maintenance cost, increased interoperability failures, and increased vendor lockin.) > This is also why 3xx redirect-based authentication methods are winning > over as-originally-intended 401 / WWW-Authenticate / Authorization > methods. It's easier to implement redirect chasing than to implement a > pluggable authentication method framework. (Also, it's easier on server > devs to use redirects.) I just wish 3xx and 401 weren't mutually > exclusive. I posted to art@ietf.org a few weeks ago about that got no > replies, sadly. It has long seemed to me that the early available 401-based methods (by which I mean the ones available in browsers from mid to late 1990s) failed largely because of their inflexibility and relatively poor user experience provided by the browsers, and especially because avoiding 401 altogether and using redirects and cookies instead allowed each site to customize the login user experience. Then the latter became widely held mindshare that redirects and cookies are how you do authentication. Which is very unfortunate, because cookies are an absolute disaster and it's very hard to see how to get rid of them. (Even though at least some of their problems were obvious from the start, and IETF tried to fix them multiple times.) Keith
- Re: deprecating Postel's principle - considered h… Keith Moore
- Re: deprecating Postel's principle - considered h… Doug Royer
- Re: deprecating Postel's principle - considered h… Eric Rescorla
- Re: deprecating Postel's principle - considered h… Doug Royer
- Re: deprecating Postel's principle - considered h… Ted Lemon
- Re: deprecating Postel's principle - considered h… Eliot Lear
- Re: deprecating Postel's principle - considered h… Ted Lemon
- Re: deprecating Postel's principle - considered h… Doug Royer
- Re: deprecating Postel's principle - considered h… Eric Rescorla
- Re: deprecating Postel's principle - considered h… Ted Hardie
- Re: deprecating Postel's principle - considered h… Phillip Hallam-Baker
- Re: deprecating Postel's principle - considered h… Nico Williams
- Re: deprecating Postel's principle - considered h… Phillip Hallam-Baker
- Re: deprecating Postel's principle - considered h… Nico Williams
- Re: deprecating Postel's principle - considered h… Keith Moore
- Re: deprecating Postel's principle - considered h… Bron Gondwana
- Re: deprecating Postel's principle - considered h… Keith Moore
- Re: deprecating Postel's principle - considered h… Nico Williams
- Re: deprecating Postel's principle - considered h… ned+ietf
- Re: deprecating Postel's principle - considered h… Ted Lemon
- Re: deprecating Postel's principle - considered h… Michael Richardson
- Re: deprecating Postel's principle - considered h… Michael Richardson
- Re: deprecating Postel's principle - considered h… Joel M. Halpern
- Re: deprecating Postel's principle - considered h… Eric Rescorla
- Re: deprecating Postel's principle - considered h… Joel M. Halpern
- Re: deprecating Postel's principle - considered h… Keith Moore
- Re: deprecating Postel's principle - considered h… Eliot Lear
- Re: deprecating Postel's principle - considered h… Martin Thomson
- Re: deprecating Postel's principle - considered h… Eliot Lear
- Re: deprecating Postel's principle - considered h… ned+ietf