IETF Logo Mail Archive

Re: [P2PSIP] Breaking RELOAD [was Re: Identity certificate segregation]

Marc Petit-Huguenin <petithug@acm.org> Sat, 16 July 2011 18:12 UTC

Return-Path: <petithug@acm.org>
X-Original-To: p2psip@ietfa.amsl.com
Delivered-To: p2psip@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB54321F8745 for <p2psip@ietfa.amsl.com>; Sat, 16 Jul 2011 11:12:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.59
X-Spam-Level:
X-Spam-Status: No, score=-102.59 tagged_above=-999 required=5 tests=[AWL=0.010, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qna+eI8lKikE for <p2psip@ietfa.amsl.com>; Sat, 16 Jul 2011 11:12:51 -0700 (PDT)
Received: from implementers.org (implementers.org [IPv6:2604:3400:dc1:41:216:3eff:fe5b:8240]) by ietfa.amsl.com (Postfix) with ESMTP id C1F3821F86E6 for <p2psip@ietf.org>; Sat, 16 Jul 2011 11:12:50 -0700 (PDT)
Received: from [IPv6:2001:55c:4c15:5f80:213:d4ff:fe04:3e08] (unknown [IPv6:2001:55c:4c15:5f80:213:d4ff:fe04:3e08]) by implementers.org (Postfix) with ESMTPS id 1F8DE2199E; Sat, 16 Jul 2011 20:11:08 +0200 (CEST)
Message-ID: <4E21D49F.9000100@acm.org>
Date: Sat, 16 Jul 2011 11:12:47 -0700
From: Marc Petit-Huguenin <petithug@acm.org>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.18) Gecko/20110626 Iceowl/1.0b2 Icedove/3.1.11
MIME-Version: 1.0
To: Cullen Jennings <fluffy@cisco.com>
References: <BANLkTikuy8qpZ42Zod1YK2+iYv1ib6=Yag@mail.gmail.com> <1307629878.30919.87.camel@toedo> <4DF0FD49.3020505@acm.org> <1307641649.5184.17.camel@santeles> <4E00F7CE.7080402@acm.org> <4E0DB3EC.1040705@ericsson.com> <B3E5E380-1759-4B9A-9556-CEC4E6383D59@cisco.com> <4E207F1C.9080500@acm.org> <B6B03151-D0EA-4357-A9CF-746E59796B5D@cisco.com>
In-Reply-To: <B6B03151-D0EA-4357-A9CF-746E59796B5D@cisco.com>
X-Enigmail-Version: 1.1.2
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: P2PSIP WG <p2psip@ietf.org>
Subject: Re: [P2PSIP] Breaking RELOAD [was Re: Identity certificate segregation]
X-BeenThere: p2psip@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Peer-to-Peer SIP working group discussion list <p2psip.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/p2psip>, <mailto:p2psip-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/p2psip>
List-Post: <mailto:p2psip@ietf.org>
List-Help: <mailto:p2psip-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/p2psip>, <mailto:p2psip-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 16 Jul 2011 18:12:52 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/16/2011 09:41 AM, Cullen Jennings wrote:
> 
> I think all the people that implemented early version know that changes can,
> and will,   break backwards compatibility. I don't recall very many places
> where I used this as augment for one way or another. I recall some places
> where it was 6 of one of half a dozen of the other and it made no fundamental
> difference to the protocol so we decided to go which what was already
> implemented.

Well, I kind of disagree here.  The problem is that *future* implementers will
not have access to the whole history of the development of the RELOAD protocol
when trying to decipher the specification.  The RELOAD specification is *not*
developer friendly (but it is not specific to this spec).  I am still not saying
that a protocol must be developer-friendly, just that the text describing it
should be, and that when it makes no fundamental difference to the protocol,
making it easier for future developers should have priority over not breaking
compatibility.

> 
> That said some types of changes are very easy to move into a fully
> operational deployed DHT. Others are not. For example, a change that you can
> detect the version number and then just have the software do the right things
> is pretty easy particularly if both the new code and old code can exist in
> the ring at the same time. A change where every device in the ring needs to
> get a new certificate and you can' have a mixed ring with the old and new
> certificates at the same time is not easy to deploy.

I still do not see this as a good reason to stop fixing stuff in the protocol.
What is the point of having internet *drafts* if they are to be considered as
standard track RFCs?

> 
> To the point of this specific proposal for change. This fundamentally changes
> the security model and nearly every part of this protocol that has anything
> to do with security - which is most of it. The suggestions is several years
> late - it was many years ago that this WG made the decision about what the
> general security model was doing to be. If people want this, it seems like a
> fine thing to do in version 2.0 of the protocol. Thought my previous email
> suggested that one could look at doing it in an extension, closer examination
> of that makes me think there would be some real hard problems in trying to do
> that as it requires all the security component to be re-thought and
> redesigned. 

OK, now we agree.

> Given the current level of energy in the WG, that would take
> several years to happen. I have pretty much zero interest in doing that, I'd
> like to actually have an RFC for this in the next year instead of several
> years from now. As practical improvement of the protocol, I have not seen a
> single use case proposed where this improves things so much we can actually
> do something interesting that we can no do with the current proposal.
> 
> 
> 
> On Jul 15, 2011, at 10:55 , Marc Petit-Huguenin wrote:
> 
> On 07/07/2011 03:34 PM, Cullen Jennings wrote:
>>>> 
>>>> This would break all the current deployments and implementation and not
>>>> just in a way where some new software would need to be pushed out - all
>>>> new certificates would need to be issues. From my point of view, this
>>>> is too late for this change and instead it could be addressed with an
>>>> extension.
> 
> About this "breaking current deployment" thing, it seems to me that anyway
> when RELOAD will be published as an RFC, the version number with be
> incremented to 1.0 (0x0a), so implementations of the RFC will *not* be
> compatible with *any* of the current implementations.  And because of this, I
> really do not understand why the authors of RELOAD are fighting so hard to
> not break things that will be broken anyway - there was multiple instances of
> things that could have been improved in the document but stayed because of
> this (the fragment bit is one example of this).  Having been there multiple
> times I really understand the plight of early implementers but I would never
> ever use this as a justification to keep useless stuff in a protocol.  What
> should have been done is simply to increment the version each time a new
> version of the draft would have broken interoperability - and we had the
> possibility to do that 8 times (versions 0.1 to 0.9).
> 
>>>> 
>>>> On Jul 1, 2011, at 5:47 AM, Gonzalo Camarillo wrote:
>>>> 
>>>>> Hi,
>>>>> 
>>>>> please, let me know whether or not these modifications will be
>>>>> included in the base draft at this point.
>>>>> 
> 
> [...]
> 
>> 

> Cullen Jennings For corporate legal information go to: 
> http://www.cisco.com/web/about/doing_business/legal/cri/index.html




- -- 
Marc Petit-Huguenin
Personal email: marc@petit-huguenin.org
Professional email: petithug@acm.org
Blog: http://blog.marc.petit-huguenin.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk4h1J0ACgkQ9RoMZyVa61cFxQCfTPJuP/YveHmTK4AMZfonQK3m
Q+IAmgJN8sYZMzfygCqnocSYuosMsJT9
=o9Rj
-----END PGP SIGNATURE-----

v2.8.7 | Report a Bug | By Email