Re: MUST is an aspiration
Warren Kumari <warren@kumari.net> Thu, 12 September 2019 13:44 UTC
Return-Path: <warren@kumari.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 18443120089 for <ipv6@ietfa.amsl.com>; Thu, 12 Sep 2019 06:44:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=kumari-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OyuNv0UECOK3 for <ipv6@ietfa.amsl.com>; Thu, 12 Sep 2019 06:44:28 -0700 (PDT)
Received: from mail-qt1-x829.google.com (mail-qt1-x829.google.com [IPv6:2607:f8b0:4864:20::829]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 65E69120041 for <6man@ietf.org>; Thu, 12 Sep 2019 06:44:28 -0700 (PDT)
Received: by mail-qt1-x829.google.com with SMTP id c17so10269297qtv.9 for <6man@ietf.org>; Thu, 12 Sep 2019 06:44:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kumari-net.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=HihP5zBmvAYcqrLX0d+5or6rks8f3vksHXUtZa8401c=; b=m4g5TyW65GTd4VjcPk1629WXzk+/8SpNwOIDtMVC1qv/jhryFFDqKaBNsM4rrbiOx1 r7r/KzBba4dQKzeRgWa6h/s55AXLRaFmcpv/fRD8v6u4y+Lmxjcni8mtyczlTH5EB7UB 2H+QL2jsyoWoP5VrI3dmG2fvjqzf/BWjpDeHlqW28YkRs8b3owj8BgSW0jY1H3GCqbC9 BJ23nWSPHk6Njc0j6wIsDC15tbeXhixLFF0uPXiJpppgJaCG1rfuTO0+JWvUfS4lTZz5 HT2r+GJuuNXRzszP+3fC+dK/gItHpJT0ldkrbEqcZeDNj9jLiksd4vBcT9vSWmNf8l71 FNiw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=HihP5zBmvAYcqrLX0d+5or6rks8f3vksHXUtZa8401c=; b=TPS6g5Tvf45OZQh02E5m4d2R0uqgYTGN3MBkwg8QkcMTpzPDHGolqSJ3u6fH+jBX91 auFjjB4HQPjjj+7q/QEoVPUVeg9cvVbq7S+aZfDDamwlNBvFR1TyyEH7ImJhL8pkNkkN 54Jv2V6RDgMBCU7E2oX4HYwkrvtFyxchTnJy9sRpJLHCr+nJn1BpDA7yVe8lRaNwQ50+ JGTQ4xBSJRjAeOgnum76ItTsJjuy8FHpxBbAX7/mMJOOpxTpMS0NJYkfeP0kqOLiDeuY woJ00ADUPOkDII412eks3i+pg2oPNL4o4CFf4UaxDZs975ykEQwFxv7XXakX3iOPWxAm ENkw==
X-Gm-Message-State: APjAAAV9TlmLI5qz4YHa3XMPN+HAOqdcUn4y1IqJMS1gfPeFq1FhKQXo 1kY4AYptEoCO2n+gumqG5Kn/1x5y6KZlE6MIeWaTJA==
X-Google-Smtp-Source: APXvYqzPiVkQxUb3/ZP84yszknc1sRZs6UMn508BamnF9r1oRuPo3egP5Jni7oy8wGkmbUce38T2Acd+5hW+Kkt3MNs=
X-Received: by 2002:ac8:6e8b:: with SMTP id c11mr6481766qtv.77.1568295866709; Thu, 12 Sep 2019 06:44:26 -0700 (PDT)
MIME-Version: 1.0
References: <CAO42Z2zLwzDB0iDqBQsnWTFMaO7g8_3GUoyrMsOj0qLZrQogVA@mail.gmail.com> <2B6D8A3A-BC29-4F19-A958-745CA2F3F57D@gmail.com>
In-Reply-To: <2B6D8A3A-BC29-4F19-A958-745CA2F3F57D@gmail.com>
From: Warren Kumari <warren@kumari.net>
Date: Thu, 12 Sep 2019 09:43:50 -0400
Message-ID: <CAHw9_iLbSEPOtP0LZ8icR0iprve=Gnx0_=Y=yarx4w2btrDzrg@mail.gmail.com>
Subject: Re: MUST is an aspiration
To: Fred Baker <fredbaker.ietf@gmail.com>
Cc: Mark Smith <markzzzsmith@gmail.com>, 6MAN <6man@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/5rwFosTNYWlkRgEAAcUxRESBMKQ>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Sep 2019 13:44:31 -0000
On Thu, Sep 12, 2019 at 5:07 AM Fred Baker <fredbaker.ietf@gmail.com> wrote: > > On Sep 12, 2019, at 5:19 AM, Mark Smith <markzzzsmith@gmail.com> wrote: > > If they don't exist (they don't), then such a MUST in an RFC is an aspiration. It's a theoretical goal, one that in practice has been proven not to be 100% true in similar scenarios where things "MUST" not leak (RFC 1918 leaks, route leaks, DNS PTR lookup for private addresses etc.) > > For the record, I doubt that “MUST” was ever something observed, at least following the publication of RFCs 1122/1123/1812. The first use was in RFC 1122/1123 and 1812, and in those it was something that was true of an algorithm - if <something> wasn’t the case (such as if ARP was sent FROM a broadcast address), something decidedly and demonstrably failed. In subsequent specifications, it was always something those participating in the relevant consensus wanted to be true, and gave them a tool to say to a developer or vendor that they had to MAKE true. Hence the logic behind “SHOULD”; the developer could point out a case where a “MUST” requirement didn’t work, and they were asked to document it. > > Something I have observed about specifications that presumed that they only applied in a defined corner of the Internet (usually in enterprise or residential networks, but in this case is an AS that uses the capability) was that they invariably made it out of the hinterlands onto the backbone. The most obvious cases are private and Martian addresses, but they are not the only ones, by a long shot. Hence, it seems to me that while the requirement is that “the hinterland should not let this out”, the practical requirement is that if you connect in some way with such a hinterland, you should implement defensive measures in case they do. Again, BGP is the obvious example - “you should not advertise ULA or private addresses”, and “you should filter out announcements from your neighbor of private and ULA addresses” - barring an agreement to the contrary. ... it's worse than that / some more concrete data: RFC6996 (Autonomous System (AS) Reservation for Private Use) speaketh thusly: "If Private Use ASNs are used and prefixes originate from these ASNs, Private Use ASNs MUST be removed from AS path attributes (including AS4_PATH if utilizing a four-octet AS number space) before being advertised to the global Internet." but looking on routeviews shows there to be (assuming I've gotten my regexp right -- show ip bgp regexp _(6451[2-9]|645[2-9][0-9]|64[6-9][0-9][0-9]|65[0-4][0-9][0-9]|655[0-2][0-9]|6553[0-5])_ ): Displayed 573 routes and 13092222 total paths RFC1918 doesn't contain RFC2119 language, but it does make it clear that this space should be filtered out of routing announcements -- and yet (using RV again) we see 7 routes for RFC1918 space (5 for 10.0.0.0/8 and 2 for 192.168.0.0/16). Routing information is (relatively) easy to control the flow of, but filtering IP packets at the border is operationally trickier, and will leak more... W > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- -- I don't think the execution is relevant when it was obviously a bad idea in the first place. This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. ---maf
- MUST is an aspiration Mark Smith
- Re: MUST is an aspiration Fred Baker
- Re: MUST is an aspiration Warren Kumari