Re: Things that used to be clear (was Re: Evolving Documents (nee "Living Documents") side meeting at IETF105.)

Eric Rescorla <ekr@rtfm.com> Thu, 04 July 2019 22:38 UTC

From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 04 Jul 2019 15:37:30 -0700
Message-ID: <CABcZeBNXDnwbrWhUcvnGdko3BxpFDr7P29SaM-tmpFQOzwuf+A@mail.gmail.com>
Subject: Re: Things that used to be clear (was Re: Evolving Documents (nee "Living Documents") side meeting at IETF105.)
To: Michael Richardson <mcr+ietf@sandelman.ca>
Cc: IETF Rinse Repeat <ietf@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/CYIPr6OH6jWIIVf6p063-i-44fo>

On Thu, Jul 4, 2019 at 1:54 PM Michael Richardson <mcr+ietf@sandelman.ca> wrote:

>
> Eric Rescorla <ekr@rtfm.com> wrote:
>     >> and your description of how tls did this with 1.3, 'marked' versions of
>     >> internet-drafts, seemed to work well.  and those with colder feet could
>     >> wait for the rfc.  but i note that the trial implementations seemed not
>     >> to be deployed in production until the ietf sausage was made.
>
>
>     > I don't want to debate the precise meaning of production, but what I will
>     > say is that in the case of TLS 1.3, we had pre-draft versions on in
>     > Release versions of Chrome and Firefox and serving live domains at Cloudflare
>     > (and I think Facebook and Google, but I'd have to check my notes). This
>     > was actually essential to finding problems because there are environments
>     > which will not run prerelease software.
>
> I agree how valuable it was.
>
> But, the parties involved all understood (in a deep way, up to product
> managers, I expect) that there might be incompatible changes.
>

Yes, I think this is a fair point. It's also notable that these were also
protocols that were "optional", either in the sense that you could downwardly
negotiate to other versions (TLS, HTTP) or fall back to another protocol
(QUIC). So that meant that tight coordination was less relevant.


> I have been through protocols with obvious flaws waiting for a zero-day bug
> where I could not get a fix in ID-07 because "it's been deployed".
>

I agree that this is bad. Everybody involved in these protocols understood
that "it's deployed" wasn't going to be a very strong argument.

-Ekr



> --
> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
>  -= IPv6 IoT consulting =-