IETF Logo Mail Archive

Re: Who is the design ultimate authority over IPv6? (Re: [spring] WGLC - draft-ietf-spring-srv6-network-programming)

"Joel M. Halpern" <jmh@joelhalpern.com> Sat, 07 March 2020 02:30 UTC

Return-Path: <jmh@joelhalpern.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 89E503A1088 for <ipv6@ietfa.amsl.com>; Fri, 6 Mar 2020 18:30:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=joelhalpern.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AbK33rfC_Pv8 for <ipv6@ietfa.amsl.com>; Fri, 6 Mar 2020 18:30:06 -0800 (PST)
Received: from maila2.tigertech.net (maila2.tigertech.net [208.80.4.152]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E57CD3A109C for <6man@ietf.org>; Fri, 6 Mar 2020 18:30:06 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by maila2.tigertech.net (Postfix) with ESMTP id 48Z7k65mxgz6G9pD; Fri, 6 Mar 2020 18:30:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=joelhalpern.com; s=2.tigertech; t=1583548206; bh=sJwTrL3xu11Ui8hg/wXf7UIle1TArkQjaV9lTp3ivh0=; h=Subject:To:References:From:Date:In-Reply-To:From; b=GO/QnzXbEF6op1hUUkgG/TzPQN9iHil6bSzjrzS0jgwvMlSm1Gs6B/lH/2otAVhNM oCTc4uAl6IVD5h0jwPjYLQwfHyiQ43bUdK7KNT04Vfu0PB7MMTUl+Q/JASa/Z9HGlI UlaFNHiKGYIHOmgzwndBeruKJ9vtOib0+8Y1+EHs=
X-Virus-Scanned: Debian amavisd-new at a2.tigertech.net
Received: from [192.168.128.43] (209-255-163-147.ip.mcleodusa.net [209.255.163.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by maila2.tigertech.net (Postfix) with ESMTPSA id 48Z7k61w9Pz6G86q; Fri, 6 Mar 2020 18:30:05 -0800 (PST)
Subject: Re: Who is the design ultimate authority over IPv6? (Re: [spring] WGLC - draft-ietf-spring-srv6-network-programming)
To: Mark Smith <markzzzsmith@gmail.com>, "6man@ietf.org" <6man@ietf.org>
References: <17421_1575566127_5DE93B2F_17421_93_1_53C29892C857584299CBF5D05346208A48D1A3DA@OPEXCAUBM43.corporate.adroot.infra.ftgroup><6c674995-8cc7-c024-4181-60b160910f75@si6networks.com> <29345_1576001884_5DEFE15C_29345_229_5_53C29892C857584299CBF5D05346208A48D250B7@OPEXCAUBM43.corporate.adroot.infra.ftgroup><89402a30-129b-314f-90f1-ba6efcdd6a88@si6networks.com> <16536_1576089460_5DF13774_16536_366_1_53C29892C857584299CBF5D05346208A48D273AD@OPEXCAUBM43.corporate.adroot.infra.ftgroup> <CAO42Z2z2s92yitCC0eLrNO3dXe_EarRSUZq8GmJ=QRdZ59d0ag@mail.gmail.com> <64E8151B-DF45-4F30-A4AD-673E37A482DD@employees.org> <738133cf-1b87-90b3-614f-470b5546eedf@gmail.com> <CALx6S35=NWNu9iV7FU=zhmOwjB5T_WswyS13skpqfDfvL=G_jQ@mail.gmail.com> <1ea7ab65-7a07-5c78-aac7-bf202051a43a@gmail.com> <d1f32cb2-9f43-46cb-8585-319726e750b9@joelhalpern.com> <CAO42Z2wvCuj4YxBhmBAeh2yZdxi8uYy45o5gQNyEbHVGqu+_Eg@mail.gmail.com>
From: "Joel M. Halpern" <jmh@joelhalpern.com>
Message-ID: <03a72a64-f7b7-e21a-b4b1-904fdec46203@joelhalpern.com>
Date: Fri, 06 Mar 2020 21:30:04 -0500
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.5.0
MIME-Version: 1.0
In-Reply-To: <CAO42Z2wvCuj4YxBhmBAeh2yZdxi8uYy45o5gQNyEbHVGqu+_Eg@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/gFkMJsmU7xO2h6sHYZMWhSQSvAI>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 07 Mar 2020 02:30:17 -0000

Mark, it has been approved by the IESG for publication.  We had a WG 
last call.  An IETF last call.  An IESG review.  It is in the RFC EDitor 
queue for publication.  While we could theoretically call it back, there 
would have to be an overwhelming reason.

Yours,
Joel

On 3/6/2020 9:17 PM, Mark Smith wrote:
> Hi Joel,
> 
> On Sat, 7 Mar 2020 at 13:12, Joel M. Halpern <jmh@joelhalpern.com> wrote:
>>
>> I think there is a difference between
>> AH Is optional in all IPv6 implementations and deployments
>>       and
>> A standard may be incompatible with AH.
>>
>> Having said ath, we approved SRH knowing it was incompatible with AH.
> 
> I don't think 6man or the IETF have "approved" it. It's still a 6man
> WG Internet Draft.
> 
> https://tools.ietf.org/html/draft-ietf-6man-segment-routing-header-26
> 
> 6man could abandon it just like "IPv6 Router Advertisement IPv6-Only
> Flag" was, due to lack of consensus during WG last call.
> 
> Regards,
> Mark.
> 
> 
>> So whether I think that makes sense or not, we live with it.  (In this
>> context, we is both 6man and the IETF as a whole.)
>>
>> Yours,
>> Joel
>>
>> On 3/6/2020 9:04 PM, Brian E Carpenter wrote:
>>> Tom,
>>>
>>>> I don't understand what you mean by "AH is optional" in this context.
>>>
>>> AH is optional in *every* context. So it's completely legitimate for
>>> the SRH architecture to state that AH is not used in SRH domains. It
>>> might be used in packets that are encapsulated for transit across an
>>> SRH domain, but that's fine.
>>>
>>> I thought this was clear when we persuaded the SRH community to drop
>>> insertion and specify encapsulation.
>>>
>>>       Brian
>>> On 07-Mar-20 10:00, Tom Herbert wrote:
>>>> On Fri, Mar 6, 2020 at 12:17 PM Brian E Carpenter
>>>> <brian.e.carpenter@gmail.com> wrote:
>>>>>
>>>>> Ole,
>>>>>
>>>>> On 07-Mar-20 02:24, otroan@employees.org wrote:
>>>>>> [spring cross posting deleted]
>>>>>>
>>>>>>>> - Read the mailing list and you will see that everyone do not share your opinion. So at least one person is wrong. I think that it would help if everyone, including you, could consider that they/you _may_ be wrong, at least to better understand the comments been made by others.  And possibly the text from RFC 8200 is not clear, but this is what we have. And this is the text to use to support the claim that this text is violated.
>>>>>>>
>>>>>>> The final interpretation and intent of text in RFC8200 should be up to
>>>>>>> 6man, not SPRING, when there is ambiguity and dispute, as 6man is the
>>>>>>> ultimate design authority for IPv6.
>>>>>>>
>>>>>>> RFC5704, "Uncoordinated Protocol Development Considered Harmful":
>>>>>>>
>>>>>>> " In particular, the
>>>>>>>     IAB considers it an essential principle of the protocol development
>>>>>>>     process that only one SDO maintains design authority for a given
>>>>>>>     protocol, with that SDO having ultimate authority over the allocation
>>>>>>>     of protocol parameter code-points and over defining the intended
>>>>>>>     semantics, interpretation, and actions associated with those code-
>>>>>>>     points."
>>>>>>>
>>>>>>> IETF WGs would qualify as standards development organisations.
>>>>>>>
>>>>>>> Those of us in 6man during the clarifications in this area of RFC8200
>>>>>>> know the intent. It was specifically about modification of the EH
>>>>>>> chain, and was in response to the
>>>>>>> 'draft-voyer-6man-extension-header-insertion' Internet Draft.
>>>>>>
>>>>>> No, it is the IETF that is the SDO and has that authority through IETF consensus.
>>>>>> Not the working group.
>>>>>
>>>>> Absolutely. And that means: IETF consensus as judged by the IESG, subject to the RFC 2026 appeal process.
>>>>>> Let me summarize my take on this from a 6man perspective:
>>>>>>
>>>>>> 1) PSP violates RFC8200.
>>>>>> I also object to any statement in SR PGM that it is in "compliance with 8200". It specifies it's own unique EH handling.
>>>>>
>>>>> It doesn't use the word "compliance" which is rather loaded in standards-speak. It now says:
>>>>>
>>>>>     "This behavior does not contravene Section 4 of [RFC8200] because the
>>>>>      current destination address of the incoming packet is the address of
>>>>>      the node executing the PSP behavior."
>>>>>
>>>>> Like it or not, that's what we published. Whether it's what we meant is another question.
>>>>>
>>>>>> As I state below that's perfectly fine.
>>>>>>
>>>>>> 2) A premise for the work on tightening extension header processing rules leading up to 8200, was that new specifications can specify different behaviour than what's defined in 8200.
>>>>>> That is what the SR PGM document does. Any specification that changes EH processing must specify how that processing is done, and must be technically sound, in that it is shown not to break anything (interoperability, PMTUD, end to end security etc).
>>>>>> The SR PGM document has been terse in it's description and how it deals with identified technical issues. But it is also clear, that it is specified to only work within a limited domain, where the source, destination and in-path nodes are all within the same domain of control.
>>>>>> I see no outstanding technical issues with that mechanism.
>>>>>
>>>>> After a lot of thought, I agree with that. It's known not to work with AH, but AH is optional. It cannot break PMTUD because it only makes the packet smaller. And I am told it doesn't break OAM.
>>>>
>>>> Brian,
>>>>
>>>> I don't understand what you mean by "AH is optional" in this context.
>>>> AH is certainly optional to send by source nodes, however if it is in
>>>> a packet then I don't see how intermediate nodes have the option to
>>>> knowingly break AH. This is precisely why declaring what data in
>>>> header fields is mutable in flight is so important. This isn't just to
>>>> make AH work, but enforcing that the network doesn't arbitrarily
>>>> modify packets in random ways is one of the reasons why AH is needed.
>>>>
>>>> (If you were to say that AH isn't a problem because it will never be
>>>> in the same packet as and SRH, then I will have to point that SRH does
>>>> not preclude that possibility. IMO, until the combination is expressly
>>>> prohibited, intermediate nodes are subject to "be liberal in what you
>>>> receive" in this regard)
>>>>
>>>> Tom
>>>>
>>>>>
>>>>>> 3) It is also clear that what is specified in SR PGM does not work across administrative domain or on the general Internet.
>>>>>
>>>> That's the limited domain argument which as pointed out several times
>>>> is not a normatively defined construct in IETF. Without such a
>>>> definition I don't see how requirements pertaining to IPv6 can take
>>>> this into account (i.e. we can't update RFC8200 with requirements that
>>>> would only be applicable in a limited domain without defining limited
>>>> domain).
>>>>
>>>>> In fact, the whole of SRH is intra-domain, as specified by RFC8402.
>>>>>
>>>>>> For that reason I would object to any modification to 8200. Be it erratum, updated by pointer or bis document.
>>>>>
>>>>> I think there's an established weakness in RFC 8200. We could decide to live with it, as we live with weaknesses in RFC 791.
>>>>>
>>>>>> Is is possible to come to some agreement and consensus on the above points?
>>>>>
>>>>> That beats me ;-)
>>>>>
>>>>>       Brian
>>>>>
>>>>> --------------------------------------------------------------------
>>>>> IETF IPv6 working group mailing list
>>>>> ipv6@ietf.org
>>>>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>>>>> --------------------------------------------------------------------
>>>>
>>>
>>> --------------------------------------------------------------------
>>> IETF IPv6 working group mailing list
>>> ipv6@ietf.org
>>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>>> --------------------------------------------------------------------
>>>
>>
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email