IETF Logo Mail Archive

Re: [P2PSIP] Breaking RELOAD [was Re: Identity certificate segregation]

Marc Petit-Huguenin <petithug@acm.org> Sun, 17 July 2011 06:14 UTC

Return-Path: <petithug@acm.org>
X-Original-To: p2psip@ietfa.amsl.com
Delivered-To: p2psip@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B84621F86AD for <p2psip@ietfa.amsl.com>; Sat, 16 Jul 2011 23:14:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.591
X-Spam-Level:
X-Spam-Status: No, score=-102.591 tagged_above=-999 required=5 tests=[AWL=0.009, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sn41rMAvwROV for <p2psip@ietfa.amsl.com>; Sat, 16 Jul 2011 23:14:00 -0700 (PDT)
Received: from implementers.org (implementers.org [IPv6:2604:3400:dc1:41:216:3eff:fe5b:8240]) by ietfa.amsl.com (Postfix) with ESMTP id 2DF2B21F869E for <p2psip@ietf.org>; Sat, 16 Jul 2011 23:14:00 -0700 (PDT)
Received: from [IPv6:2001:55c:4c15:5f80:213:d4ff:fe04:3e08] (unknown [IPv6:2001:55c:4c15:5f80:213:d4ff:fe04:3e08]) by implementers.org (Postfix) with ESMTPS id 9D2E82199E; Sun, 17 Jul 2011 08:12:16 +0200 (CEST)
Message-ID: <4E227DA3.8010603@acm.org>
Date: Sat, 16 Jul 2011 23:13:55 -0700
From: Marc Petit-Huguenin <petithug@acm.org>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.18) Gecko/20110626 Iceowl/1.0b2 Icedove/3.1.11
MIME-Version: 1.0
To: Bruce Lowekamp <bbl@lowekamp.net>
References: <BANLkTikuy8qpZ42Zod1YK2+iYv1ib6=Yag@mail.gmail.com> <1307629878.30919.87.camel@toedo> <4DF0FD49.3020505@acm.org> <1307641649.5184.17.camel@santeles> <4E00F7CE.7080402@acm.org> <4E0DB3EC.1040705@ericsson.com> <B3E5E380-1759-4B9A-9556-CEC4E6383D59@cisco.com> <4E207F1C.9080500@acm.org> <B6B03151-D0EA-4357-A9CF-746E59796B5D@cisco.com> <4E21D49F.9000100@acm.org> <CAEOK=onUfCGkRbcTKcrKPKQBojnxMiCCbcEKW99Dq7=eiP9e9w@mail.gmail.com>
In-Reply-To: <CAEOK=onUfCGkRbcTKcrKPKQBojnxMiCCbcEKW99Dq7=eiP9e9w@mail.gmail.com>
X-Enigmail-Version: 1.1.2
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: P2PSIP WG <p2psip@ietf.org>
Subject: Re: [P2PSIP] Breaking RELOAD [was Re: Identity certificate segregation]
X-BeenThere: p2psip@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Peer-to-Peer SIP working group discussion list <p2psip.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/p2psip>, <mailto:p2psip-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/p2psip>
List-Post: <mailto:p2psip@ietf.org>
List-Help: <mailto:p2psip-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/p2psip>, <mailto:p2psip-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 17 Jul 2011 06:14:01 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This was general remarks about the whole process, which I especially dislike.

On 07/16/2011 06:47 PM, Bruce Lowekamp wrote:
> On Sat, Jul 16, 2011 at 2:12 PM, Marc Petit-Huguenin <petithug@acm.org> wrote:
> On 07/16/2011 09:41 AM, Cullen Jennings wrote:
>>>>
>>>> I think all the people that implemented early version know that changes can,
>>>> and will,   break backwards compatibility. I don't recall very many places
>>>> where I used this as augment for one way or another. I recall some places
>>>> where it was 6 of one of half a dozen of the other and it made no fundamental
>>>> difference to the protocol so we decided to go which what was already
>>>> implemented.
> 
> Well, I kind of disagree here.  The problem is that *future* implementers will
> not have access to the whole history of the development of the RELOAD protocol
> when trying to decipher the specification.  The RELOAD specification is *not*
> developer friendly (but it is not specific to this spec).  I am still not saying
> that a protocol must be developer-friendly, just that the text describing it
> should be, and that when it makes no fundamental difference to the protocol,
> making it easier for future developers should have priority over not breaking
> compatibility.
> 
> 
>> While I think we're a bit late in the process for a wholesale rewrite
>> (we've done it about twice), if you have specific suggestions on
>> editorial issues that would make it clearer, please make them now
>> while we might be able to adjust some of the text.
> 
> 
>>>> That said some types of changes are very easy to move into a fully
>>>> operational deployed DHT. Others are not. For example, a change that you can
>>>> detect the version number and then just have the software do the right things
>>>> is pretty easy particularly if both the new code and old code can exist in
>>>> the ring at the same time. A change where every device in the ring needs to
>>>> get a new certificate and you can' have a mixed ring with the old and new
>>>> certificates at the same time is not easy to deploy.
> 
> I still do not see this as a good reason to stop fixing stuff in the protocol.
> What is the point of having internet *drafts* if they are to be considered as
> standard track RFCs?
> 
>> There are quite a few people who want to build things on top of it,
>> and it needs to not be a moving target for that to happen.
>> Presumably, if a significant amount of practical experience shows
>> things need to be changed, extensions and/or a v2.0 can be done.  But
>> right now the lack of a v1.0 is blocking other people's work.
> 
>> Bruce
> 
> 
>>>>
>>>> To the point of this specific proposal for change. This fundamentally changes
>>>> the security model and nearly every part of this protocol that has anything
>>>> to do with security - which is most of it. The suggestions is several years
>>>> late - it was many years ago that this WG made the decision about what the
>>>> general security model was doing to be. If people want this, it seems like a
>>>> fine thing to do in version 2.0 of the protocol. Thought my previous email
>>>> suggested that one could look at doing it in an extension, closer examination
>>>> of that makes me think there would be some real hard problems in trying to do
>>>> that as it requires all the security component to be re-thought and
>>>> redesigned.
> 
> OK, now we agree.
> 
>>>> Given the current level of energy in the WG, that would take
>>>> several years to happen. I have pretty much zero interest in doing that, I'd
>>>> like to actually have an RFC for this in the next year instead of several
>>>> years from now. As practical improvement of the protocol, I have not seen a
>>>> single use case proposed where this improves things so much we can actually
>>>> do something interesting that we can no do with the current proposal.
>>>>
>>>>
>>>>
>>>> On Jul 15, 2011, at 10:55 , Marc Petit-Huguenin wrote:
>>>>
>>>> On 07/07/2011 03:34 PM, Cullen Jennings wrote:
>>>>>>>
>>>>>>> This would break all the current deployments and implementation and not
>>>>>>> just in a way where some new software would need to be pushed out - all
>>>>>>> new certificates would need to be issues. From my point of view, this
>>>>>>> is too late for this change and instead it could be addressed with an
>>>>>>> extension.
>>>>
>>>> About this "breaking current deployment" thing, it seems to me that anyway
>>>> when RELOAD will be published as an RFC, the version number with be
>>>> incremented to 1.0 (0x0a), so implementations of the RFC will *not* be
>>>> compatible with *any* of the current implementations.  And because of this, I
>>>> really do not understand why the authors of RELOAD are fighting so hard to
>>>> not break things that will be broken anyway - there was multiple instances of
>>>> things that could have been improved in the document but stayed because of
>>>> this (the fragment bit is one example of this).  Having been there multiple
>>>> times I really understand the plight of early implementers but I would never
>>>> ever use this as a justification to keep useless stuff in a protocol.  What
>>>> should have been done is simply to increment the version each time a new
>>>> version of the draft would have broken interoperability - and we had the
>>>> possibility to do that 8 times (versions 0.1 to 0.9).
>>>>
>>>>>>>
>>>>>>> On Jul 1, 2011, at 5:47 AM, Gonzalo Camarillo wrote:
>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> please, let me know whether or not these modifications will be
>>>>>>>> included in the base draft at this point.
>>>>>>>>
>>>>
>>>> [...]
>>>>
>>>>>
> 
>>>> Cullen Jennings For corporate legal information go to:
>>>> http://www.cisco.com/web/about/doing_business/legal/cri/index.html

- -- 
Marc Petit-Huguenin
Personal email: marc@petit-huguenin.org
Professional email: petithug@acm.org
Blog: http://blog.marc.petit-huguenin.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk4ifaIACgkQ9RoMZyVa61fPIgCfXHENMbCurA48yDa8luqfDruT
Ih0AoIgCzBWIRssi3kvGwSMLZLBa8i05
=6UXw
-----END PGP SIGNATURE-----

v2.8.7 | Report a Bug | By Email