Re: [jose] thoughts on deployed code and breaking changes
Phil Hunt <phil.hunt@oracle.com> Thu, 13 June 2013 18:43 UTC
Return-Path: <phil.hunt@oracle.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 537AA21F9A47 for <jose@ietfa.amsl.com>; Thu, 13 Jun 2013 11:43:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.282
X-Spam-Level:
X-Spam-Status: No, score=-6.282 tagged_above=-999 required=5 tests=[AWL=0.317, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NcCvEt1zjF3c for <jose@ietfa.amsl.com>; Thu, 13 Jun 2013 11:43:44 -0700 (PDT)
Received: from aserp1040.oracle.com (aserp1040.oracle.com [141.146.126.69]) by ietfa.amsl.com (Postfix) with ESMTP id 1FF8321F8BB7 for <jose@ietf.org>; Thu, 13 Jun 2013 11:43:43 -0700 (PDT)
Received: from ucsinet22.oracle.com (ucsinet22.oracle.com [156.151.31.94]) by aserp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id r5DIhgS2012139 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 13 Jun 2013 18:43:43 GMT
Received: from aserz7022.oracle.com (aserz7022.oracle.com [141.146.126.231]) by ucsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r5DIhf0O028663 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 13 Jun 2013 18:43:42 GMT
Received: from abhmt117.oracle.com (abhmt117.oracle.com [141.146.116.69]) by aserz7022.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r5DIhfKv018011; Thu, 13 Jun 2013 18:43:41 GMT
Received: from [192.168.1.128] (/24.86.29.34) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Thu, 13 Jun 2013 11:43:41 -0700
Mime-Version: 1.0 (Apple Message framework v1283)
Content-Type: text/plain; charset="us-ascii"
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <DD357551-474C-469B-BE1B-19AE1B459EF0@isoc.org>
Date: Thu, 13 Jun 2013 11:43:38 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <664F0FD7-8DC5-4EAD-86B3-E231359B0A06@oracle.com>
References: <DD357551-474C-469B-BE1B-19AE1B459EF0@isoc.org>
To: Karen O'Donoghue <odonoghue@isoc.org>
X-Mailer: Apple Mail (2.1283)
X-Source-IP: ucsinet22.oracle.com [156.151.31.94]
Cc: "jose@ietf.org" <jose@ietf.org>
Subject: Re: [jose] thoughts on deployed code and breaking changes
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Jun 2013 18:43:49 -0000
When I hear arguments like we can't consider BSON because it requires breaking changes, the hair on the back of my neck raises. If BSON support requires breaking change now, than it can NEVER be supported down the road. To me that makes the issue an omission. Per section 4.1.1 of RFC2026: > A Proposed Standard should have no known technical omissions with > respect to the requirements placed upon it. However, the IESG may > waive this requirement in order to allow a specification to advance > to the Proposed Standard state when it is considered to be useful and > necessary (and timely) even with known technical omissions. I think there has been *some* discussion on the issue. But far too many do not want to discuss because of the possibility of breaking change, so no conclusion can be made as to whether this is an omission or not. Finally, while the drafts are relatively stable, we are not officially stable. Anyone implementing now should know this. I point out that the drafts have not been approved as PROPOSED STANDARD yet, so changes should be expected. Again, I have no opinion on this issue, but I am concerned about the lack of on-topic discussion. Size has always been a major driving factor in the JOSE discussion. It does seem on topic to me that the B64 support method for binary doesn't meet the design criteria that has been used regarding small size. I don't necessarily think binary has to be solved now. But important questions must be discussed. Is there a way binary can be supported? Can BSON be delayed into a future draft without breaking the current drafts? If there is any sense of breaking changes, NOW is the time to make those changes - not later. Finally, I was surprised to learn that 2026 doesn't even require deployed code in PROPOSED STANDARD. That just points out that these drafts are still incredibly *early* in their design despite assertions of stability. The fact that many are in production doesn't mean the process gets skipped. We cannot assume DRAFT STANDARD status when we aren't even at PROPOSED STANDARD status. Phil @independentid www.independentid.com phil.hunt@oracle.com On 2013-06-13, at 11:04 AM, Karen O'Donoghue wrote: > Folks, > > I *personally* believe the time for major breaking changes is past for this version of the specification. I believe we are now in the phase of final corrections and minor tweaks for a v1.0. We scheduled an interim meeting in April to get all remaining issues on the table and discussed. These specifications have been evolving for a long time. I am sure that they could be improved in a myriad of ways, but at this point, without a strong rationale and a ground swell of working group support, we should work to complete what we have. Any major refactoring or new functionality should be deferred as future work. At that time, we can work to "break cleanly with existing code." We better serve the IETF and the broader community by getting these specifications out the door. > > We will have an interim teleconference Monday (with a few more possibly to follow) to review the implementation of the interim discussions and to discuss any final issues. I strongly encourage folks to review the specifications and the minutes of the interim with that in mind. > > Regards, > Karen > > _______________________________________________ > jose mailing list > jose@ietf.org > https://www.ietf.org/mailman/listinfo/jose
- [jose] thoughts on deployed code and breaking cha… Karen O'Donoghue
- Re: [jose] thoughts on deployed code and breaking… Phil Hunt
- Re: [jose] thoughts on deployed code and breaking… Richard Barnes
- Re: [jose] thoughts on deployed code and breaking… Karen O'Donoghue