IETF Logo Mail Archive

Re: [Last-Call] [art] Artart last call review of draft-ietf-6man-rfc6874bis-02

Vasilenko Eduard <vasilenko.eduard@huawei.com> Mon, 19 September 2022 08:56 UTC

Return-Path: <vasilenko.eduard@huawei.com>
X-Original-To: last-call@ietfa.amsl.com
Delivered-To: last-call@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0BE6FC14EB1E; Mon, 19 Sep 2022 01:56:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.665
X-Spam-Level:
X-Spam-Status: No, score=-0.665 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NUMERIC_HTTP_ADDR=1.242, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JR8GuAY-BBxq; Mon, 19 Sep 2022 01:56:31 -0700 (PDT)
Received: from frasgout.his.huawei.com (frasgout.his.huawei.com [185.176.79.56]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C372CC14F728; Mon, 19 Sep 2022 01:56:30 -0700 (PDT)
Received: from fraeml712-chm.china.huawei.com (unknown [172.18.147.200]) by frasgout.his.huawei.com (SkyGuard) with ESMTP id 4MWJQd6XS2z67wtW; Mon, 19 Sep 2022 16:54:49 +0800 (CST)
Received: from mscpeml100002.china.huawei.com (7.188.26.75) by fraeml712-chm.china.huawei.com (10.206.15.61) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 19 Sep 2022 10:56:27 +0200
Received: from mscpeml500001.china.huawei.com (7.188.26.142) by mscpeml100002.china.huawei.com (7.188.26.75) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 19 Sep 2022 11:56:26 +0300
Received: from mscpeml500001.china.huawei.com ([7.188.26.142]) by mscpeml500001.china.huawei.com ([7.188.26.142]) with mapi id 15.01.2375.031; Mon, 19 Sep 2022 11:56:26 +0300
From: Vasilenko Eduard <vasilenko.eduard@huawei.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>, "Roy T. Fielding" <fielding@gbiv.com>, Martin Thomson <mt@lowentropy.net>
CC: "art@ietf.org" <art@ietf.org>, "draft-ietf-6man-rfc6874bis.all@ietf.org" <draft-ietf-6man-rfc6874bis.all@ietf.org>, "ipv6@ietf.org" <ipv6@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>
Thread-Topic: [art] Artart last call review of draft-ietf-6man-rfc6874bis-02
Thread-Index: AQHYygM1jmXr2JP7TUixm271/sBwRK3iVPEAgACB7YCAA54Y8A==
Date: Mon, 19 Sep 2022 08:56:26 +0000
Message-ID: <4b86635745c744a4ac1f28ea7bde4197@huawei.com>
References: <166335671066.41888.11681289954866903154@ietfa.amsl.com> <F2A03494-7559-4E5A-99AE-243E1F547A71@gbiv.com> <4eae538a-ebb5-0a12-da26-81950cc79697@gmail.com>
In-Reply-To: <4eae538a-ebb5-0a12-da26-81950cc79697@gmail.com>
Accept-Language: zh-CN, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.81.192.124]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/last-call/WJaqfbtBv8xSQhvli-ySgqwp1fU>
Subject: Re: [Last-Call] [art] Artart last call review of draft-ietf-6man-rfc6874bis-02
X-BeenThere: last-call@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IETF Last Calls <last-call.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/last-call>, <mailto:last-call-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/last-call/>
List-Post: <mailto:last-call@ietf.org>
List-Help: <mailto:last-call-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/last-call>, <mailto:last-call-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Sep 2022 08:56:35 -0000

I believe too that IPv6 fundamentally needs the capability to address LLA (address types) in applications.
Maybe proposed is not the best way. Is it possible to hear alternatives from everybody who said "No"?
Eduard
-----Original Message-----
From: ipv6 [mailto:ipv6-bounces@ietf.org] On Behalf Of Brian E Carpenter
Sent: Saturday, September 17, 2022 7:33 AM
To: Roy T. Fielding <fielding@gbiv.com>; Martin Thomson <mt@lowentropy.net>
Cc: art@ietf.org; draft-ietf-6man-rfc6874bis.all@ietf.org; ipv6@ietf.org; last-call@ietf.org
Subject: Re: [art] Artart last call review of draft-ietf-6man-rfc6874bis-02

Roy,

On 17-Sep-22 08:48, Roy T. Fielding wrote:
>> On Sep 16, 2022, at 12:31 PM, Martin Thomson via Datatracker <noreply@ietf.org> wrote:
>>

<snip>

> [1] 
> https://mailarchive.ietf.org/arch/msg/last-call/4vEKZosvKvqJ9cufSm5ivs
> Cho_A/ [2] https://url.spec.whatwg.org/#concept-host-parser


> 
> ditto
> 
> I will add that this work was not discussed on the uri mailing list, 
> which is the responsible forum for updates to RFC3986.

Hmm. I don't recall anybody on the DISPATCH list telling us that.

> Also, the chosen syntax of % to indicate a zone ID is not, and will 
> never be, compatible with any implementation of URIs on the server 
> side because we need to strictly prohibit client-provided data in host 
> that might later be misinterpreted as a control character or space or 
> delimiter after percent-decoding, including a bare % error-case being 
> handled differently on one server than it is handled on a downstream recipient.

That's incompatible with Martin's reference to [2] above. And it doesn't seem to be a problem if you obey the percent-encoding rules in the ABNF either.
  
> IOW, this is not only incompatible with 3986, but cannot be 
> implemented without potentially adding request and response smuggling 
> vulnerabilities down the chain.

Down what chain? These are Local Resource Identifiers that will never travel more than one hop.

> It's not as if Appendix A doesn't recognize these problmes
> 
>             Disadvantage: requires code changes to all URI parsers.
> 
> and then blithely ignores the fact that it is impossible to change the 
> code of all deployed URI parsers, even if we wanted to do so.

Obviously, we're not talking about backwards compatibility with legacy systems. In many cases, it will simply fail. But as I mentioned in my reply to Martin, at least some existing servers apparently aren't troubled by it.
  
> The short answer is that, no, this cannot be an update to RFC3986.
> The stability of that standard is far more important than this use case.

It's strictly an extension, not an amendment. So how does it create instability?

> In the incredibly rare occasions

It isn't "incredibly" rare. Now that IPv6 is getting close to the tipping point, it's surely going to be as common as http://192.168.178.1

> when one might want to refer to a
> link-local address, it should be done via a separate attribute, or via 
> a compatible syntax extension that doesn't deliberately break the 
> existing implementations.

Can you describe those in a bit more detail? What would that give us in place of http://[fe80::1%eth0] ?

Regards,
    Brian


> 
> Cheers,
> 
> ....Roy T. Fielding, Senior Principal Scientist, Adobe
> 

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email