Re: [IPv6] rfc6874bis (was: Re: [v6ops] IPv6 link-local and URLs @ IETF119)
Brian E Carpenter <brian.e.carpenter@gmail.com> Wed, 20 March 2024 01:37 UTC
Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C18EDC15198B for <ipv6@ietfa.amsl.com>; Tue, 19 Mar 2024 18:37:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.196
X-Spam-Level:
X-Spam-Status: No, score=-2.196 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, NICE_REPLY_A=-0.091, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q1eUSaJCoTNo for <ipv6@ietfa.amsl.com>; Tue, 19 Mar 2024 18:37:55 -0700 (PDT)
Received: from mail-pg1-x52c.google.com (mail-pg1-x52c.google.com [IPv6:2607:f8b0:4864:20::52c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 456B9C15109D for <ipv6@ietf.org>; Tue, 19 Mar 2024 18:37:55 -0700 (PDT)
Received: by mail-pg1-x52c.google.com with SMTP id 41be03b00d2f7-53fbf2c42bfso4626761a12.3 for <ipv6@ietf.org>; Tue, 19 Mar 2024 18:37:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1710898674; x=1711503474; darn=ietf.org; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=Qa1+P/K7aZ22V9n4YnO3tSIomhrwr3ADKElnwIiiJTU=; b=OYsA/7VwZgwAjQ6T9x3NWzhliQmTzqwL87RhBC8KDa7isuWumK/NKx8TvaoyN8i3fU mRzjoO5ryyoOF3geP/N4itjkK5qQVNDaZ5OMktGR6OXrr4YXY7X2ktZbj9XVNP2LDnTY cxo9gPQw5Fl4a2P0l5LzjIUpabhgKEOjgNOIdualHEDeYedEc1CC/HgsgrQYZs9QUcCs 8t/HTXBvxV7hL8k20iHyTZ8MFYr5lo/w0toRxcHLz8LueiWuXHSXjgF45PtP0dBupl8A YkhY1tvPYyFEGQUnvDp6D9iMsw3dn1FCvd8YPqEomKeCYZCepZp6BqU3qQnKbKooYcau IAUA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710898674; x=1711503474; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=Qa1+P/K7aZ22V9n4YnO3tSIomhrwr3ADKElnwIiiJTU=; b=ejJ/Any1izbMwkkFVePKw3Z6tSxzOQUrNJ7r9cBX0mmoUlNuoBe3YuiZSx2+l8lcKm c4yiXUebnBMpyP5mrpyc2Y6aqOl5hqeERGgeAVrGBZYdhfvt53WbkVR3R3tBxU9LvRVd iujFAcu6PxWn9HKNbLCdHEZn59Fgy2rpKctS/1Z2mjtm1aGYnwFVgarfziZnH/RS5suC CMzmb+kSYCJZjQVw/jUl57mBox9BVQ2MHxOYK/cLDn7dPcypQnjCCSR7Wj9tozag6Oxd JnZ7QXLTLsqDnCtRnyHDXo8OzRNME+8QuXBslRQRTtS8yH9Rf6SgUA41/cP8UHNzLO+9 1EkQ==
X-Gm-Message-State: AOJu0YxUScOdw691gdjWIEN/M/bExZiXqAbn3SuE80PX24Q5mtyCk7hu F7/6Pk40XdapYBu6M65uzsdN6HzEXl3r2S+Eiy8MtDbRDgC7eLHt
X-Google-Smtp-Source: AGHT+IG96TUYfh834AIL0voY57poiwB9tF+mGq/UgtfDrHTAfMlPHj/niOZz3uBiYAb90xRtPGApOQ==
X-Received: by 2002:a05:6a20:7d8c:b0:1a3:646e:c3da with SMTP id v12-20020a056a207d8c00b001a3646ec3damr9761435pzj.3.1710898674159; Tue, 19 Mar 2024 18:37:54 -0700 (PDT)
Received: from ?IPV6:2404:4400:541d:a600:44b7:2c2e:2bc6:8707? ([2404:4400:541d:a600:44b7:2c2e:2bc6:8707]) by smtp.gmail.com with ESMTPSA id sm16-20020a17090b2e5000b0029df6fd2780sm254023pjb.9.2024.03.19.18.37.50 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 19 Mar 2024 18:37:53 -0700 (PDT)
Message-ID: <d45c977d-fa84-f131-711c-046a29bc2780@gmail.com>
Date: Wed, 20 Mar 2024 14:37:47 +1300
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.10.0
Content-Language: en-US
To: "Rob Wilton (rwilton)" <rwilton@cisco.com>, Toerless Eckert <tte@cs.fau.de>
Cc: "ipv6@ietf.org" <ipv6@ietf.org>, Erik Kline <ek.ietf@gmail.com>, Lorenzo Colitti <lorenzo@google.com>, George Michaelson <ggm@algebras.org>, "Murray S. Kucherawy" <superuser@gmail.com>, Mahesh Jethanandani <mjethanandani@gmail.com>
References: <CAKD1Yr09GvBdHFqPAujGaJ-j4cLYX2yMLhMDB4b_GfEM-1SNYw@mail.gmail.com> <CAKr6gn3ektAdcMz2g230S3UZKoyMohc_3_t9Xi1QtAcDem3P1Q@mail.gmail.com> <bc63fd8e-4a04-535d-977d-cd102ae0fbae@gmail.com> <CAKD1Yr3hQOKYZ0JwOXf6z8d9r4cwggmUXApLWwdgCyNG9XYWVw@mail.gmail.com> <dd8b103c-33ad-962e-f26f-40bc89175a96@gmail.com> <CAMGpriVH2b_V5U9HMg5cz=zGB67qRZh=SZVrEyEWs=mTfbtvJw@mail.gmail.com> <Zfn_q3Q9duxGNXcf@faui48e.informatik.uni-erlangen.de> <394964de-7c3f-135e-6925-8bf7642eb486@gmail.com> <ZfoFtHD5oXVCczZq@faui48e.informatik.uni-erlangen.de> <9312fa5b-840c-426c-4bca-4612487beee6@gmail.com> <ZfoRr7NRcGP34iNj@faui48e.informatik.uni-erlangen.de> <29640466-c3df-49b9-0804-a0a11f8d8b8b@gmail.com> <LV8PR11MB8536FFC7C4FC63A4FB021D24B5332@LV8PR11MB8536.namprd11.prod.outlook.com>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
In-Reply-To: <LV8PR11MB8536FFC7C4FC63A4FB021D24B5332@LV8PR11MB8536.namprd11.prod.outlook.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: base64
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/wogAc_O9RlvEbKx6nyw9ExPsfQ8>
Subject: Re: [IPv6] rfc6874bis (was: Re: [v6ops] IPv6 link-local and URLs @ IETF119)
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Mar 2024 01:37:58 -0000
About "exploding RFC 4007", we have a global network that is at least 45% IPv6-enabled and embeds the current link-local model, so we do have to approach this very carefully. Like it or not, fe80::2e3a:fdff:fea4:dde7%7 and fe80::2e3a:fdff:fea4:dde7%wlp2s0 are very, very widely deployed.
For discussing current drafts this week, I think we have to set that aside.
Regards
Brian
On 20-Mar-24 14:21, Rob Wilton (rwilton) wrote:
> Hi Brian,
>
> Cc’ing Mahesh since he will have to decide whether to inherit my Discuss.
>
> Please also see comments inline …
>
> *From: *Brian E Carpenter <brian.e.carpenter@gmail.com>
> *Date: *Wednesday, 20 March 2024 at 10:23
> *To: *Toerless Eckert <tte@cs.fau.de>
> *Cc: *ipv6@ietf.org <ipv6@ietf.org>, Erik Kline <ek.ietf@gmail.com>, Lorenzo Colitti <lorenzo@google.com>, George Michaelson <ggm@algebras.org>, Murray S. Kucherawy <superuser@gmail.com>, Rob Wilton (rwilton) <rwilton@cisco.com>
> *Subject: *Re: rfc6874bis (was: Re: [v6ops] IPv6 link-local and URLs @ IETF119)
>
> On 20-Mar-24 11:29, Toerless Eckert wrote:
>> On Wed, Mar 20, 2024 at 11:05:27AM +1300, Brian E Carpenter wrote:
>>>> Ok. Did this happen ? No IESG member beside Murray had a discuss,
>>>
>>> Rob Wilton also holds a DISCUSS. Francesca Palombini supported Murray's DISCUSS.
>>
>> I actually very much support Robs comments, but i think they are easy to address. Aka: I wish we would explain and allow
>> both zone_name and zone_id,
>
> If you mean %1 if eth0 happens to be interface #1, that isn't contentious. It works today, but not in URIs. It's more that network devices use quite complex names with special characters, and may be case-sensitive, which is an absolute no-no in the host part of a URI.
>
>> as used in routers in the field to make useful progress over
>> rfc6874.
>>
>> There is also the more fundamental naming issue unveiled by the discussion and Davids comment/writeup,
>> that what we call zone_id/zone_name are not really what one expect to be that, because they are
>> randomnly locally allocated instead of assumed to be consistent across the nodes participating in the
>> zone. So we should add explanation, if not name improvements to highlight this limitation ("local_zone_name"/
>> "local_zone_id" - or honeslty, even "interface_name", "interface_id")
>
> That's well understood and isn't really an issue for the URI discussion.
>
> Whether we should explode RFC 4007 and tackle this issue is a much bigger question with many implications.
>
> I think that this may be a better path … I.e., by trying to avoid opening up RFC 4007, I wonder if we will just remain stuck in the mud.
>
> I still think that if you want to use an interface identifier to identify a link-local zone that the solution support arbitrary case sensitive strings. I also believe that in YANG models that if such zones need to be specified then it should be a separate interface name leaf rather than trying to combine that into the IP address definition.
>
> Not an IPv6 expert so perhaps missing something basic … but, more fundamentally, I think that we should investigate to see if a solution is available where no separate zone identifier string is required at all, and instead the zone scoped information is embedded directly into the allocated IP address. E.g., allocate an extra device-local v6 address (beyond the existing interface link-local address) where each interface on the device is on a different network, and thus the local IP address uniquely identifies the interface on the device without needing any separate zone identifier string. I appreciate that would be a lot more work to specify (e.g., protocol changes to allocate them, etc, and so not a quick fix). And perhaps I’m missing something obvious as to why this wouldn’t work and end up being a cleaner solution by allowing interface zone identifiers to be removed altogether.
>
> E.g., I think that the address could look something like:
>
> <some fixed prefix> - <a unique allocated network, negotiated/agreed with connected peers> - <a unique host address on that network, negotiated/agreed with connected peers>.
>
> Unless I’m mistaken, currently link-local addresses only have the 1^st and 3^rd part and hence a zone identifier is required for the second part when being used outside the scope of the interface, and that, at least to me, seems to be the source of the problems.
>
>
> Regards,
>
> Rob
>
>
>
> Brian
>
>>
>>>> and it would be a sad state of
>>>> affairs if now all of a sudden, the rest of the IESG would buy into his business argument.
>>>
>>> I'll leave Murray to respond, but the arguments from the W3C side are not really business related.
>>
>> Please read David Schinazi's draft, especially https://www.ietf.org/archive/id/draft-schinazi-httpbis-link-local-uri-bcp-03.html#handling <https://www.ietf.org/archive/id/draft-schinazi-httpbis-link-local-uri-bcp-03.html#handling>.
>>
>> "If it's clear the browser community does not want (and maybe will not implement) this, what is our justification for proceeding? In particular, that fact appears to me to eliminate half of the supporting use cases presented in Section 1."
>>
>> I simply don't think we should constrain our specifications for IPv6 based on a snapshot
>> of what likely amounts to two browser core implementations (maybe three). If we would have
>> used the same logic at the start of IPv6 we would be nowhere. If/when the browser community
>> comes back with a better proposal, fine, then we'll update the rfc again.
>>
>> I also think the use-case list is incomplete. It does not list the use of URLs in any form
>> of programming language, such as anything that uses URLs for API calls, such as restconf. Those
>> applications may not need to apply the same origin concept (ability to only refer to URLs with same
>> origin for example.
>>
>> And also as mentioned in before: the origin concept is already broken for non-zones linklocal IPv4/IPv6
>> addresses, and IPv4 link local addresses are happily used in probably billins of browser
>>
>> (let me configure my router on 192.168.1.1 - oh wait, why the heck does this look like the web page
>> of my backup internet router web page on my second SSID... ;-)
>>
>>> I agree that "we won't implement" in itself is not an argument the IETF should weight too heavily.
>>>> Also the origin argument AFAIK does not apply to all use of URL for which rfc6874(bis) applies.
>>>> And the origin problems also exist for other cases (e.g.: non-zoned IPv4/IPv6 link local addresses),
>>>> and browsers also simply live with those problems.
>>>
>>> Sure, and the browser community is very concerned about this. Hence https://wicg.github.io/private-network-access/ <https://wicg.github.io/private-network-access/>
>>
>> Thanks... need to figure out if/what they imply in that text about avoe example dual SSID
>> with same addresses case.
>>
>> Cheers
>> Toerless
>>>
>>> Brian
>>>
>>>>
>>>> Cheers
>>>> Toerless
>>>>
>>>>> Brian
>>>>>
>>>>>>
>>>>>> Cheers
>>>>>> Toerless
>>>>>>> Murray Kucherawy has offered to try to drop in for this discussion, if
>>>>>>> he can step away from his working group when the topic comes up.
>>>
>>
>
- Re: [IPv6] [v6ops] IPv6 link-local and URLs @ IET… Brian E Carpenter
- Re: [IPv6] [v6ops] IPv6 link-local and URLs @ IET… Toerless Eckert
- Re: [IPv6] [v6ops] IPv6 link-local and URLs @ IET… Toerless Eckert
- Re: [IPv6] [v6ops] IPv6 link-local and URLs @ IET… Brian E Carpenter
- Re: [IPv6] rfc6874bis (was: Re: [v6ops] IPv6 link… Toerless Eckert
- Re: [IPv6] rfc6874bis (was: Re: [v6ops] IPv6 link… Brian E Carpenter
- Re: [IPv6] rfc6874bis (was: Re: [v6ops] IPv6 link… Rob Wilton (rwilton)
- Re: [IPv6] rfc6874bis (was: Re: [v6ops] IPv6 link… Brian E Carpenter
- Re: [IPv6] [v6ops] IPv6 link-local and URLs @ IET… Murray S. Kucherawy
- Re: [IPv6] [v6ops] IPv6 link-local and URLs @ IET… Erik Kline