IETF Logo Mail Archive

Re: [irtf-discuss] Usable formal methods side meeting at IETF 115

Buday Gergely <buday.gergely.istvan@uni-mate.hu> Tue, 08 November 2022 07:23 UTC

Return-Path: <Buday.Gergely.Istvan@uni-mate.hu>
X-Original-To: irtf-discuss@ietfa.amsl.com
Delivered-To: irtf-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4FE05C1522A9 for <irtf-discuss@ietfa.amsl.com>; Mon, 7 Nov 2022 23:23:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.608
X-Spam-Level:
X-Spam-Status: No, score=-6.608 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, GB_ABOUTYOU=0.5, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=uni-mate.hu
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Sa7n2vJOvavD for <irtf-discuss@ietfa.amsl.com>; Mon, 7 Nov 2022 23:23:15 -0800 (PST)
Received: from mx1.szie.hu (mx1.szie.hu [192.188.242.66]) by ietfa.amsl.com (Postfix) with ESMTP id 3D54CC14CE3E for <irtf-discuss@irtf.org>; Mon, 7 Nov 2022 23:23:14 -0800 (PST)
Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05lp2104.outbound.protection.outlook.com [104.47.18.104]) by mx1.szie.hu (Postfix) with ESMTPS id 4N5zw12x9Kz3K; Tue, 8 Nov 2022 08:18:09 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=uni-mate.hu; s=uni-mate; t=1667891889; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=OcLZp7DmFRkHeWsshzXs29r+QyFe1EnyNS3ECJ8cBVs=; b=eFqxj/nWiY2RhzIaoyPKZqirGn5k6R5OefhZFNWTH5ass1VuRMlq7Z0rV4wfbQ78F7YfL+ V5B8YJK8D6YS7eHwBvLuiBe5MKb2gqTy2e1CR7nAGBAqFtBLseM9nGBxDPmbge7urHg9En MNEpYjcfhd7O1eGVxqPItLy1mO1vX6E=
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=i0thxbTu3ED96JSzO1tijeJJx4B+vfSIo8GQus6DN4PtP6De7LZnirB0isb1o39uvhGqOIUZ4q513zrFa9lRIgW92mDP2D+XNkW/jfTdEc2W32x9zDmiA/Dr+kcHC3O5G98G+hyxRmqchssOHHb4oXQjtRlPOQ9+GSTR67iSV3sWCZxHLIx/Ope5VyX59/N+YW7e0xfS59ODpKsYtIqeVuXswV3IPnD3TgWsFbXVLsC2QGJSibfcSO/f2b6BrAc/lggaoMrVc78clUNZJYPc7Q73GFbQmxuPtZZWYJusQnAlux9BfbUPFUSym+Nlm452srg3mVsQlWwoDLOJBlZGWQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=OcLZp7DmFRkHeWsshzXs29r+QyFe1EnyNS3ECJ8cBVs=; b=oTuTCzY8wTo4USqBE1PP0s/CJ9Wt7bCTB2Ndb8vJm15bwT4DEbjRiNm0Z3d70tQt/Xcnz/vPvxITw/5w2svHoZu7bsFsiPm0UHMyAdogdRYKvqJn5Hu/0nYq27mBRjIvjg2kzyKHMHyOnTmxe5MI7itywon0CMA046Z8skpcU7dGLuhzkSQX1n0IecVL0adO+P7/CtJVBxOi1hkfdoAdFrcxPpGSpeUjek9nI2XbRPaaOlVQ7fCaC68G9InzJehc6dZuL1c2lisCMCCf4yhH49Ab2uj2JVHK7s6xfLgU5nPm0Wa2Hrf5JODXarL3pqzNhM9VBzdzIh8LKN9IJcK3JQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=uni-mate.hu; dmarc=pass action=none header.from=uni-mate.hu; dkim=pass header.d=uni-mate.hu; arc=none
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=uni-mate.hu;
Received: from PA4PR06MB8572.eurprd06.prod.outlook.com (2603:10a6:102:2ab::11) by PAXPR06MB8376.eurprd06.prod.outlook.com (2603:10a6:102:22a::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.27; Tue, 8 Nov 2022 07:18:08 +0000
Received: from PA4PR06MB8572.eurprd06.prod.outlook.com ([fe80::b20e:573a:6991:a96a]) by PA4PR06MB8572.eurprd06.prod.outlook.com ([fe80::b20e:573a:6991:a96a%9]) with mapi id 15.20.5791.025; Tue, 8 Nov 2022 07:18:07 +0000
Message-ID: <439e42fe-0070-bcd8-602d-33f750224a44@uni-mate.hu>
Date: Tue, 08 Nov 2022 08:18:06 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.4.1
To: Sampo Syreeni <decoy@iki.fi>
Cc: Colin Perkins <csp@csperkins.org>, irtf-discuss@irtf.org, 115attendees@ietf.org
References: <C91D3863-37D3-4E09-B1F9-588C316240CD@csperkins.org> <281e560d-0b89-53a5-de75-bfe68004917c@uni-mate.hu> <f03ea379-b15f-81b-76fa-f893a57f527@lakka.kapsi.fi>
Content-Language: en-GB
From: Buday Gergely <buday.gergely.istvan@uni-mate.hu>
In-Reply-To: <f03ea379-b15f-81b-76fa-f893a57f527@lakka.kapsi.fi>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
X-ClientProxiedBy: VI1PR0802CA0007.eurprd08.prod.outlook.com (2603:10a6:800:aa::17) To PA4PR06MB8572.eurprd06.prod.outlook.com (2603:10a6:102:2ab::11)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: PA4PR06MB8572:EE_|PAXPR06MB8376:EE_
X-MS-Office365-Filtering-Correlation-Id: 80427fe3-63a0-4c9c-5244-08dac1596293
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: fFmiIpJYD14OPOfrpALCf+FPGOr/8QkJbdIikCXVlrJjP+X3Q4hAqiBqiXSo2Ef4wPrj6R6ffEDN7KVsHfYgfapvtymkyqQGIhqP9+hVgsr22qe5KpfodXZFX28uwzSKgtdrMRSWkjbvv/ToDs84KVkVk5NH26hPxw5PfxCYRlurcYE4Ngl5paAMe6Ju2l3lnNmwWKQcYViyB7QOmZ91HQKF41lpksPiXC0jJMLx/Nk8tAkhgWe7jq9LG2qMwdJevdfaK6PhRNOKSibTO9iQrOKeZmEI+IFHF+Mqz0Xx3qHJ7JxJzOVg5VV71WUiQz2Ie7hJSkhgxo3Kgj/YNOG7VoBgeVT7s/zKQA3c5DCit1yzneSYzgB52T/6xEtfaQaSxsxcb4n65bGdzycTFDWV+RWTny7aqc7FuOaTybw0NITHmBhyYOObAuQMdQCrPGfYAejh9Arw3BBjrsoyBjQ79CkpgOnui3MJD2+9TVO3v51mo0iQB5fUPGZTMvbEA3d2UxWYFfgqOc1jdoeUidBiUs0fcNjhD/N3hnY3R9rm1wr37jAnuh+HkbKYk3zeUR+2k9mPpV34B+AwOhZkKMOTRICI+4pCfV3IkzGy5tDcCmIzXffz6hYPICa8Q5y7nCtU5d1xc13955+XVHbN3rK/2mZrwkajkEM8PlEyLpWoiAYlXwjU6aPsoja+GVr9VpD7Iic1rjp1GkzDO5of5PtAkpSbSMc2svXpf2rYo2QVxT9Z/ftW4prsmRtwNYaCXDlYt5V2CAdhoziU1280QKQw+BL3A3OISNZ6rjYxAySrnTc=
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PA4PR06MB8572.eurprd06.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230022)(366004)(346002)(136003)(376002)(39850400004)(396003)(451199015)(86362001)(31696002)(36756003)(2906002)(5660300002)(6506007)(6512007)(83380400001)(66574015)(38100700002)(186003)(2616005)(66946007)(66476007)(66556008)(786003)(316002)(31686004)(6916009)(8676002)(4326008)(8936002)(41300700001)(478600001)(6486002)(43740500002)(45980500001); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: nDLmmt7YR29WV5Knp13rR6E3PqWGcgsvEoAOgSeqoUvBOnC3Ex6K6FG2TY4+/kAenFWbcgU7LvoKfLHNhzMOiEluy/8DPWfPAmigYfYfUwEGCaFQOQuJ04Av0TuRAY6i01kcOIW+6bityeNy+pmNToufoz5HPlDoN0iaefjdgzHCASnO0V6AOwzOdG8BsSPpFEYoQ4z5S+7rPHt9p3lMqQTnGuB7DwXGkLfWxAM5hNxrRGYigG9K7wm9uAwvAy8QKJSZ4qEL+Q55+U41JPckZ6hq7WHolzvW6fIIhHIJnkoJFpT3YA0cYtIWhCtloYFfostYcHTi5uPtsYfiDEcncELXnSafaenzmcouJEuZnIPQR1fNAbuENN6b/ENsKt+R1+jKzI+7p5ZUix2gLNKxYr0NJaPW5WjgaT6yTRqqJQxDS4qOSkkCauANCR6VILDvEL6cru7bvzxAYzGpoPj+A9zIEtChiSR0VDsFuJxD0KvU9oG4bGzDFQVSAwtCyBWL2uWSgpYYxh4/LSp0w5HhxH/RTyPl5TDwHpUKXvInKT9jtFpvU3zSTLGXn+bsWsBUNXNHod97cd8e1Et/10h+uEVFLcqjXIVZRaOPEkXdh5cpZpQIk2sY9UCn4YY2rgBrKJVbUQJAPZLRyft9WZBTyHAmxGEIcNudP8XfmH9HbU6PsDftgiyaOs6lOW/06VTBvJPGtvF6O/o9NJ+i94fD7gakENULq3MATMjA80dXHnuAu+KrYCoB/DXrJv5aWSpcnScS20IXYM5BNAFmMG5zxaEBCecbc2vPNXfeumfbNhfH3hoRR/68TstA2FR+PBVSewQM1DoKEmkuEF+Qn+0spaNqMQOXYYsNmQbfrmbIoGfwER6ISBZjjr8Ws29hlqXTDGfvDZCPldsLW849QJ3061qnDbnGMIAGk/dDVTaOLWt61FU+jHX1HUF/Sng0Yme7qlqdjuUWLgRWTq3PczHL7EeSR5n6NEZF34XKIbm2MNSVCSRggBp0vAs9f6juTIzEjjoXLaK1bg06bCwUy2Q0Tb7owKz7b4vpEemgGqx9Sl/gO+OtiAZCOU1NHMPA+h6lx2Ukin4llDMf/EZ1EoPx5r9AZ8yL+gNUksBgR1OXuRj3yvsn7Tky9dB5MK5Su79e4wtjYIryRLTBIbIhbe6q5dQDCK+kn9UKUcCaaTMEhTAXMrF8GjE33YKjv2ATyDpE9SZM20cQlIqBohN0V5nwfVkozIALImFOpgOUO4jkLBZ1Rh8mcqM3KN+YIGKz5xiuAZ04J6fsmd5gT89x3Z2QjdRxa8B/yjw5IWN77BW5JBjr3l9iZKFdma8gKsE6zDu4Lahf/yToXixBX/zF5R6MGU3obW5dHYXV+WAqOYCmnfw8QIfXa5MOxoJqy4Ur7tXOcsghRbgh7Lnu8XHjdt5mlYo953z5wgRUsw9gG2Ue3rYjdIZntA0efKABxThcbO3uH5l9//JQ8nQ6KxHxhdthx3d4kw57QEwBKlIRegMMRLVbySMdOeeYIgIL971FnCJUqU0Nm7Ucqyhv8oyjEsh2hYLDxt9p2GBGBsnC+FBDJFBSWvIXjxgdrLY4+TlEx7aMtfB8X76C8zly2M3ySs3kOaeakl7XJjkBn7Mx2hwQ+Bh7qxbNhsw5ueWrJNnb3NSi
X-OriginatorOrg: uni-mate.hu
X-MS-Exchange-CrossTenant-Network-Message-Id: 80427fe3-63a0-4c9c-5244-08dac1596293
X-MS-Exchange-CrossTenant-AuthSource: PA4PR06MB8572.eurprd06.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Nov 2022 07:18:07.7668 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: b6ad7b0a-cc14-418c-8492-54b2753f96a4
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: jnFAg3VmuFda3MrZInoI2fxEkU1PbpRPqk1TYTXoo3w0nCTdiWPhEXJF81SdOhn4YqRw70e6H98dlisFrPD0VQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAXPR06MB8376
Archived-At: <https://mailarchive.ietf.org/arch/msg/irtf-discuss/8xXY8yMFjuiGnSkYAYKVhSe5-Ww>
Subject: Re: [irtf-discuss] Usable formal methods side meeting at IETF 115
X-BeenThere: irtf-discuss@irtf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IRTF general and new-work discussion list <irtf-discuss.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/irtf-discuss>, <mailto:irtf-discuss-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/irtf-discuss/>
List-Post: <mailto:irtf-discuss@irtf.org>
List-Help: <mailto:irtf-discuss-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/irtf-discuss>, <mailto:irtf-discuss-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Nov 2022 07:23:21 -0000

Hi Sampo,

you wrote:

11/7/2022 10:06 PM keltezéssel, Sampo Syreeni írta:
> I think English should augment formal specifications as it could 
> ignite debate whether the formalisation is correct and unambigous.
>
> Here I'd go more with the literal programming idea, and coloring your 
> statements with comments. Because if you really formalized your 
> protocol fully, so that the formal description really is whole and 
> binding, there is no need for debate. It just is or isn't valid.

Formal verification can check whether a system conforms a specification. 
But there's always a question whether the specification conforms reality.

You can prove theorems about your definitions with a theorem prover, but 
are your definitions right? This is another type of code review that 
protocol experts should do.

>
> As such English (why not other languages) simply serve to explain to a 
> human, what the intended semantics of the protocol and its data 
> formats are meant to be.

Formal logic does not stand in itself, there are always thoughts about 
the protocol, system etc. that should be expressed in plain English to 
ease understanding. At all, for many formal methods practitioners, the 
main goal of formal verification is to better understand our designs, 
let the computer do the "trivial" stuff.

- Gergely

v2.23.0 | Report a Bug | By Email