Re: Last Call: <draft-ietf-6man-rfc2460bis-08.txt> (Internet Protocol, Version 6 (IPv6) Specification) to Internet Standard

"Joel M. Halpern" <jmh@joelhalpern.com> Tue, 14 February 2017 19:05 UTC

Subject: Re: Last Call: <draft-ietf-6man-rfc2460bis-08.txt> (Internet Protocol, Version 6 (IPv6) Specification) to Internet Standard
To: otroan@employees.org
From: "Joel M. Halpern" <jmh@joelhalpern.com>
Message-ID: <79f04816-0249-c0b8-a72a-5d5bdf77d3f5@joelhalpern.com>
Date: Tue, 14 Feb 2017 14:05:11 -0500
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/N34R4qiwT7hBkNaI5lHm_2kzS4c>
Cc: IETF discussion list <ietf@ietf.org>

Ole, it is true that we write in English, and there is always room for
"interpretation", sometimes reasonable room, sometimes not.

But in this case we have a demonstrated difference in how people
understand the existing text.  When we have such a demonstrated
difference, we have an obligation to address it.

Yours,
Joel

PS: The ability to do ECMP is why I helped with and supported the effort 
to get the flow label use for ECMP entropy documented.  That would 
ameliorate a number of problems.  I do not expect this revision of 2460 
to fix that, particularly since there seems to be little adoption.  I 
try not to get distracted looking for perfection.


On 2/14/17 1:59 PM, otroan@employees.org wrote:
> Joel,
>
>> There are two separate but related issues here.  One is what
>> behavior we want to require.  The other is whether we make the
>> document clear.
>>
>> I think choosing to leave a document going to Internet Standard
>> ambiguous is a serious mistake, bordering on failure.  We know that
>> the choice of permitting insertion of extension headers has
>> interoperability implications.  There are several ways we can
>> clarify the text.
>> o We could say "MUST NOT" be added.  Preferably
>> with explanation of the problems being avoided.
>
> Yes.
>
>> o We could say "MUST NOT unless some other standards track RFC says
>> it is okay" which is technically correct but confusing.
>
> That's redundant. A new standards RFC can always be written that will
> override this.
>
>> o We can say "SHOULD NOT unless ..." as long as we can write a
>> clear description of the conditions under which it is safe.
>
> As the 6man chair we declared that as out of scope in the context of
> advancing 2460 to Internet standard.
>
>> o We can say "MAY, but note that doing so has the following risks"
>> if that is the IETF rough consensus.
>
> Middleboxes live in unregulated territory, there was no support (or
> even suggestion) in the working group for explicitly permitting
> header insertion.
>
>> But leaving it ambiguous ought to be a non-starter.
>
> Why? Leaving it as it was, including describing what we would imagine
> it would break was the preferred solution in the working group. Note
> that both IPv4 and IPv6 have this so-called ambiguity, that has caused
> no known interoperability issues and has existed for decades.
>
> This is perceived as an ambiguity only because we as a community have
> accepted layer violations for so long. This can be exemplified by
> discussions on maximum extension header length in IPv6. The only
> reason that discussion happens is because middleboxes require access
> to the transport header and beyond. In a purist 2460 view a router
> doing 5-tuple ECMP is not compliant with the specification.
> Clarifying that ambiguity would probably not make the operational
> community proud of us.
>
> The only purpose an outright ban would achieve, would be a
> pre-emptive strike against potential future standardisation.
>
> So when you think long enough about it, which choice you pick will
> unlikely have much consequence either way. It has no effect on
> implementations, it is not testable. In the context of 2460 this
> isn't a debate with many technical points.
>
> Which is why the working group could not reach a consensus, and we
> ended up deciding it with a poll. Do you prefer your bike shed red,
> yellow or green? You have added a couple of more colours.
>
>> Personally, I would go with "MUST NOT", as I think that is the
>> robust and interoperable answer.  But that is MUCH less important
>> to me than our being unambiguous.
>
> There is an infinite set of creative (ab)uses of 2460 that hasn't
> been banned. I would claim it would be impossible to write a document
> which would MUST NOT every potential abuse.
>
> Best regards, Ole
>