Re: Last Call: <draft-ietf-6man-rfc2460bis-08.txt> (Internet Protocol, Version 6 (IPv6) Specification) to Internet Standard

otroan@employees.org Wed, 08 February 2017 13:51 UTC

Return-Path: <otroan@employees.org>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 18E85129A9D; Wed, 8 Feb 2017 05:51:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=employees.org; domainkeys=pass (1024-bit key) header.from=otroan@employees.org header.d=employees.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yNysvL6APz9o; Wed, 8 Feb 2017 05:51:57 -0800 (PST)
Received: from esa01.kjsl.com (esa01.kjsl.com [IPv6:2607:7c80:54:3::87]) by ietfa.amsl.com (Postfix) with ESMTP id D0C48129A98; Wed, 8 Feb 2017 05:51:57 -0800 (PST)
Received: from cowbell.employees.org ([198.137.202.74]) by esa01.kjsl.com with ESMTP; 08 Feb 2017 13:51:57 +0000
Received: from cowbell.employees.org (localhost [127.0.0.1]) by cowbell.employees.org (Postfix) with ESMTP id D9B2ED788E; Wed, 8 Feb 2017 05:51:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=employees.org; h=from :message-id:content-type:mime-version:subject:date:in-reply-to :cc:to:references; s=selector1; bh=Yc7AspPepYgtbcfh+2At4YyR4i8=; b= DI2sKIwOj0GEofTKdz0SlCTtpVVJxknULcg8LM6ju68X/eogQuiFn4YInTStHSpZ Xffa41jnIb7VRV+Kkyigtae4wLUPh1DKCvmgRcJ7eSrPBKyvUOD+M9l9OfbTD1UL yg79WEPIf8BuQFQiInu27h4sBFD8kP0oKuz+DYFv4Gc=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=employees.org; h=from :message-id:content-type:mime-version:subject:date:in-reply-to :cc:to:references; q=dns; s=selector1; b=sa6Oeo8CkHnFwwuTjXda7oC CV6nkYSwtCneZfY/YoILGfbEUpJvJ7UO4meEp6w2tTmV+ZQRZ5xXUVumYK5nt/9i zulyJ4haDwEFaI+AGJmmlm/qjrFNgLCnrjCQXmIBhNAmARFu/rlp9mj9SlATynyq t+ByEvC5/yib90oRUmWw=
Received: from h.hanazo.no (96.51-175-103.customer.lyse.net [51.175.103.96]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: otroan) by cowbell.employees.org (Postfix) with ESMTPSA id 7C403D788D; Wed, 8 Feb 2017 05:51:56 -0800 (PST)
Received: from [IPv6:::1] (localhost [IPv6:::1]) by h.hanazo.no (Postfix) with ESMTP id D108D86B89F8; Wed, 8 Feb 2017 14:51:53 +0100 (CET)
From: otroan@employees.org
Message-Id: <1179DE45-3971-44A1-9630-28F76D2D652D@employees.org>
Content-Type: multipart/signed; boundary="Apple-Mail=_5B2ACA68-EA98-405C-B185-F42866D0A3CC"; protocol="application/pgp-signature"; micalg=pgp-sha512
Mime-Version: 1.0 (Mac OS X Mail 10.2 \(3259\))
Subject: Re: Last Call: <draft-ietf-6man-rfc2460bis-08.txt> (Internet Protocol, Version 6 (IPv6) Specification) to Internet Standard
Date: Wed, 8 Feb 2017 14:51:52 +0100
In-Reply-To: <33DC7B74-D240-4FF2-A8FF-C9C5A66809EE@qti.qualcomm.com>
To: Pete Resnick <presnick@qti.qualcomm.com>
References: <148599296506.18647.12389618334616420462.idtracker@ietfa.amsl.com> <30725d25-9829-bf50-23c6-9e1b757e5cba@si6networks.com> <7ee506c2-4213-9396-186a-2b742c32f93b@gmail.com> <EA7E5B60-F136-47C6-949C-D123FB8DA70E@cisco.com> <00af01d27e11$fe539500$4001a8c0@gateway.2wire.net> <60F01869-8B32-46D3-80B1-A140DF1DDA8A@employees.org> <8D401C5B-C3C3-4378-9DFA-BF4ACC8E9DAF@qti.qualcomm.com> <D2D907D5-84B4-43BB-9103-F87DA9F122EB@employees.org> <33DC7B74-D240-4FF2-A8FF-C9C5A66809EE@qti.qualcomm.com>
X-Mailer: Apple Mail (2.3259)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/ucTSzMBafZkS88DKn4YwJothJA0>
Cc: 6man@ietf.org, draft-ietf-6man-rfc2460bis@tools.ietf.org, IETF Discussion <ietf@ietf.org>, 6man-chairs@ietf.org
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Feb 2017 13:51:59 -0000

Pete,

> After reading the replies, I wonder if you could amend your summary with one point in particular:
> 
> On 4 Feb 2017, at 2:32, otroan@employees.org wrote:
> 
> There were three main positions argued in the working group.
> 
> 1) Ban header insertion outright.
> 2) Describe the problems with header insertion.
> 3) No changes to RFC2460 text.
> 
> What did you see as the objections to going with (1) (which I presume to be the equivalent of Brian's proposed text)? Why was it that people thought the protocol could not be clarified to say that? And was your assessment that those arguments were correct, or that they simply were not addressed by the WG? I've seen several people argue on this list that (1) was always the intent of the protocol, and that damage occurs if you don't follow that directive. I haven't seen anyone here argue otherwise. Could you summarize?

I can try. It has been difficult to distill the essence out of all the mailing list discussions.
This is _my_ take of the discussion and arguments as I understood them. Please chime in with corrections.

The arguments of what would break are correct. The counter-arguments given would be that this is done within a controlled domain and the potential for damage could be controlled.

The discussion went something like (paraphrasing):

 - Inserting headers will break Path MTU discovery, AH and may result in unsuspecting hosts receiving ICMP error messages.
 - We will do this in a controlled domain only.
 - Even if you can guarantee it will not leak, it is not appropriate to specify that in the core IPv6 specification
 - We don't need that, we just need 2460 not to ban it. IPv6 is used in many networks not only the capital I Internet.

There was also quite a bit of discussion on the intent of the original authors. I don't know how much value it is correct to give that argument. "This is what I intended, but not what I wrote...". Given that this is in any case the output of the IETF and not two individual authors.

1) Ban header insertion outright.

Objections:
a)  There are proposals wanting to insert headers:
   - draft-ietf-6man-segment-routing-header
   - draft-brockners-inband-oam-transport
   - Just now: draft-francois-dots-ipv6-signal-option-01

i) Out of scope: Argue the point of header insertion or alternatives in the context of those proposals, not in the context of the core IPv6 specification. Do not try to make a preemptive strike in the core specification.

ii) Use encapsulation alternative has problems. In e.g. inband-oam some meta-data is attached to a packet on ingress into a domain and removed at egress of the domain. The ingress doesn't necessarily know the egress, normal destination routing is supposed to happen. That is hard to achieve with a encapsulation solution.

iii) Use encapsulation alternative has problems 2. A packet with extension headers would be processed normally by an unmodified end host,
while an encapsulated packet would not.

b) RFC2460 is already clear and no clarification is needed. No interoperability issue has been shown caused by this perceived ambiguity.

2) Describe the problems with header insertion.

Objections:
a) The list of problems with header insertion can never be complete. It might be misconstrued as the only set of problems required to be solved to allow header insertion.

b) Speculating about something we don't know how to do (header insertion) is not appropriate when bringing the specification to internet standard.

c) Leaves the ambiguity in place.

3) No changes to RFC2460 text.

Objections:
a) Leaves the ambiguity in place.

There was hard to find consensus on either of the alternatives. As the poll shows there was a clear preference (if people couldn't get their first choice) to describe the problem, over banning it, or over saying nothing.

Best regards,
Ole