Re: [Errata Rejected] RFC8200 (6003)
JINMEI Tatuya / 神明達哉 <jinmei@wide.ad.jp> Tue, 12 May 2020 01:57 UTC
Return-Path: <jinmei.tatuya@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 813803A0E37; Mon, 11 May 2020 18:57:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.498
X-Spam-Level:
X-Spam-Status: No, score=-1.498 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.25, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FSrRzOfzoW6U; Mon, 11 May 2020 18:57:22 -0700 (PDT)
Received: from mail-pj1-x1036.google.com (mail-pj1-x1036.google.com [IPv6:2607:f8b0:4864:20::1036]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 717233A0E1B; Mon, 11 May 2020 18:57:22 -0700 (PDT)
Received: by mail-pj1-x1036.google.com with SMTP id z15so18242pjb.0; Mon, 11 May 2020 18:57:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:date:message-id:from:to:cc:subject:in-reply-to:references :user-agent:mime-version; bh=NFiL56D7PCN7r4KNbY6SOcJhY6sYn5svkOhFIHZWHVU=; b=kXOK2YUAmktm9hPfKQiP0Mi2PckmksW1uw/d2tv8OdNUfWg706//8sQso8EENCrAz0 tOvJjI3BiCq4qNLBzEofotjfYovyVDbsAGRo4tc/4qAvgpEcw+qcdvt7Wt+bCGtinAGL DJh5BA+TfM2LCT99x4RS53adFnH3yMS6801csh+L/e4A4X4z98nCFdSUrW0fvlM3EvOp +HDB8AzO942b0u0BsXETptzc776biH8xMTw/0ekv3jfVkWoCznOhjKhyuYJt0PpcvSMN sHuBRGmdrEp4zyEcRMGPz+d6iOaJDl/hdwvD1OQ/k2wcO3zOBlOai5CI3MZ1a1OkCud6 FBKw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:message-id:from:to:cc:subject :in-reply-to:references:user-agent:mime-version; bh=NFiL56D7PCN7r4KNbY6SOcJhY6sYn5svkOhFIHZWHVU=; b=OuMSQ3UoL5/Xrq+mhm9jRVKXHgwfF39mFjLfdOND+6b3jgIsRXo/p/wAKyLzL8SWxM jMhGTlQTLh8EyokWJunzFOQzIFqFa9o2n/VkFr2BFjIDB49ArO16m5fUdMkADeaa8ozO ppEAz86RbfyH8yI1ACdYcEE/uoes0kjJJ2kU5W8l19HJI8rAjIM2SPetpwF/1YlT3Ccc TY4ZAx63tL61+vOCdjrCXvojr6x2/bbUbVB3IkY5OwT0Oy7hzGBq1ndwS5Y4C5GZQseK OjPdw6gd9kRRTZ/p4UappOZ87KdzrXfc7dDjWajhJs4txmEkiuilhZbUEby2q9HThMZb wdSA==
X-Gm-Message-State: AGi0PuaQ0EmIGUPEfBmMJinghWmcLFFAhD/zEffBnqJiB2j1pz0HWZW6 2Mh8j1lKNZGCuAEEhSQBWhM=
X-Google-Smtp-Source: APiQypKEFvDF7NugfGBjpU3wDo1Hs3BQzWlr9Rxe3RPsEZw2SQYkwKb8H19lMftvN8OVp5IMh91Hdw==
X-Received: by 2002:a17:902:9a41:: with SMTP id x1mr16871696plv.4.1589248641520; Mon, 11 May 2020 18:57:21 -0700 (PDT)
Received: from jmb.localhost ([2601:646:8e01:ffbd:9167:67f:6594:61b3]) by smtp.gmail.com with ESMTPSA id q11sm10277057pfl.97.2020.05.11.18.57.20 (version=TLS1 cipher=AES128-SHA bits=128/128); Mon, 11 May 2020 18:57:20 -0700 (PDT)
Sender: JINMEI Tatuya <jinmei.tatuya@gmail.com>
Date: Mon, 11 May 2020 18:57:11 -0700
Message-ID: <m28shxdifc.wl%jinmei@wide.ad.jp>
From: JINMEI Tatuya / 神明達哉 <jinmei@wide.ad.jp>
To: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: fgont@si6networks.com, bob.hinden@gmail.com, ipv6@ietf.org, iesg@ietf.org
Subject: Re: [Errata Rejected] RFC8200 (6003)
In-Reply-To: <20200510184112.9643EF406D6@rfc-editor.org>
References: <20200510184112.9643EF406D6@rfc-editor.org>
User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/24.5 Mule/6.0 (HANACHIRUSATO)
MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka")
Content-Type: text/plain; charset="US-ASCII"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/pB5dcr9FBV4vgziWop0kjGLseRU>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 May 2020 01:57:25 -0000
I don't have a strong opinion on how this errata should be handled, but I'd like to make a remark on one specific point: At Sun, 10 May 2020 11:41:12 -0700 (PDT), RFC Errata System <rfc-editor@rfc-editor.org> wrote: > --VERIFIER NOTES-- > Section 3 clearly highlights for the reader when the IPv6 Destination Address in the header might differ from the IPv6 address of the ultimate destination. > > As such, all references in the document to "Destination Address" lacking further qualifying text should be read bearing this in mind. The text in section 4 is no exception. The key text has remained unchanged since RFC 1883. Does "the key text" mean the definition of "Destination Address" in Section 3? Destination Address 128-bit address of the intended recipient of the packet (possibly not the ultimate recipient, if a Routing header is present). See [RFC4291] and Section 4.4. then that's true. And, I agree that the text in question in Section 4 intentionally uses the term "Destination Address" precisely in this sense until RFC2460: With one exception, extension headers are not examined or processed by any node along a packet's delivery path, until the packet reaches the node (or each of the set of nodes, in the case of multicast) identified in the Destination Address field of the IPv6 header. This "Destination Address" *must* include an intermediate destination specified in a routing header, since there can be an extension header (other than hop-by-hop options headers) before a routing header, and such a routing header would have to be "examined" or "processed" at each destination specified in that routing header. Now, RFC8200 changes this text in a non-trivial way, and in that sense "a key text" has changed, which is in fact the point of the "error": Extension headers (except for the Hop-by-Hop Options header) are not processed, inserted, or deleted by any node along a packet's delivery path, until the packet reaches the node (or each of the set of nodes, in the case of multicast) identified in the Destination Address field of the IPv6 header. The phrase "inserted, or deleted" was added as a result of the discussion regarding whether "examined or processed" includes insertion or deletion. If it doesn't, it means that an arbitrary node in a packet's delivery path (whether or not the nodes' address can appear in the Destination Address field of the IPv6 packet due to a routing header) can insert or delete an extension header. In particular, such an arbitrary node can insert a routing header into a packet even if that node itself doesn't appear in the Destination Address field. That would be particularly convenient for the "insertion/deletion" mode of SRv6, and that interpretation ("examined or processed" does NOT include insertion or deletion) were mainly supported by those developing the SRv6 protocol. Other people opposed that interpretation and argued that "examined or processed" should include insertion or deletion, since otherwise it would break some existing standard protocols such as PMTUD or AH and make error handling less robust (the same argument we're still seeing today). So far I hope I simply explained the past fact without mixing my own opinions. Now this is what I would interpret the new text (which also matched my memory on how I interpreted it at that time): with this background history in mind, the intent of the new text should simply be an attempt to clarify "examined or processed" includes "inserted or deleted" for any intermediate node in a packet's delivery path. Unfortunately the resulting text overlooked its implication with the definition of "Destination Address", that is, accidentally making a loophole for intermediate nodes specified in a routing header. But if the loophole had had been noticed at that time, it wouldn't have been accepted by those who opposed allowing insertion/deletion, since its adverse effects such as breaking PMTUD would be almost fully intact. And the loophole wouldn't have made much sense for the SRv6 developers either, since it would still prevent an fully arbitrary insertion. So I believe most people involved in that discussion interpreted the text as I did, regardless of their position on intermediate insertion/deletion. Of course, this interpretation wouldn't be favorable for those who wanted arbitrary insertion/deletion. The "deal" in my memory is that while rfc2460bis (now RFC8200) explicitly made it more restrictive than RFC2460, 6man and spring WGs would collaborate on followup work on how we can loosen the condition. (I wish I had a more direct reference to this conclusion at that time, but I couldn't easily find it so I'm writing this largely based on my own memory and it's quite possible that it's not entirely accurate). And that's why I believe that this is essentially a simple "bug fix" of the RFC text and that it's more productive to fix the bug quickly and focus on the "followup work". In that sense I sort of agree that it can be fixed as an erratum. But I also admit that "purely literally" the current RFC8200 text could read as if it made the loophole intentionally, and so I understand the argument that it's not suitable for errata. And, in any case, I don't think it's productive to spend too much time on whether errata are the suitable place for this fix. If that level of point is somehow debatable, I'd rather suggest focusing on draft-bonica-6man-ext-hdr-update (I'd suggest the same thing even if I don't happen to be a coauthor of the draft). -- JINMEI, Tatuya
- [Errata Rejected] RFC8200 (6003) RFC Errata System
- Re: [Errata Rejected] RFC8200 (6003) Fernando Gont
- Re: [Errata Rejected] RFC8200 (6003) Erik Kline
- Re: [Errata Rejected] RFC8200 (6003) JINMEI Tatuya / 神明達哉
- RE: [Errata Rejected] RFC8200 (6003) Xiejingrong (Jingrong)
- Spring Appeal and [Errata Rejected] RFC8200 (6003) Fernando Gont
- Re: Spring Appeal and [Errata Rejected] RFC8200 (… otroan
- Re: Spring Appeal and [Errata Rejected] RFC8200 (… Fernando Gont
- Re: Spring Appeal and [Errata Rejected] RFC8200 (… Erik Kline
- Re: Spring Appeal and [Errata Rejected] RFC8200 (… Fernando Gont
- Re: Spring Appeal and [Errata Rejected] RFC8200 (… Sander Steffann
- Re: Spring Appeal and [Errata Rejected] RFC8200 (… Robert Raszuk
- Re: Spring Appeal and [Errata Rejected] RFC8200 (… Sander Steffann
- Re: Spring Appeal and [Errata Rejected] RFC8200 (… Robert Raszuk
- Re: Spring Appeal and [Errata Rejected] RFC8200 (… Brian E Carpenter
- Re: Spring Appeal and [Errata Rejected] RFC8200 (… Lorenzo Colitti