Re: [Ppm] Versioning for DAP drafts
Tim Geoghegan <timg@letsencrypt.org> Wed, 03 August 2022 20:35 UTC
Return-Path: <timg@letsencrypt.org>
X-Original-To: ppm@ietfa.amsl.com
Delivered-To: ppm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3F178C15C505 for <ppm@ietfa.amsl.com>; Wed, 3 Aug 2022 13:35:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.687
X-Spam-Level:
X-Spam-Status: No, score=-2.687 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.582, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=letsencrypt.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NSkCIUnfjINV for <ppm@ietfa.amsl.com>; Wed, 3 Aug 2022 13:35:41 -0700 (PDT)
Received: from mail-lj1-x230.google.com (mail-lj1-x230.google.com [IPv6:2a00:1450:4864:20::230]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 51A27C14F74E for <ppm@ietf.org>; Wed, 3 Aug 2022 13:35:41 -0700 (PDT)
Received: by mail-lj1-x230.google.com with SMTP id s14so20108434ljh.0 for <ppm@ietf.org>; Wed, 03 Aug 2022 13:35:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=letsencrypt.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=9/E0qwtTP9peoHpkN/5TuV44ByDu6e69YOBxdzk5qzc=; b=LwEN4KTRiudRSDz1fVkiGV3Bbf+o6LzZZzk9ZnzyWAOMsAb0Ons5NrcFrlsNpC6MdW x4KQZBolw5uMqcP4w45YqkrowX2pRirMRLJnY+Y3yXIzFWLfpSFdhW9QJaNsY3O+ZQOb vLZ8OA7SukZNc4l1r3d+f04dO+xZZIsxNaFiU=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=9/E0qwtTP9peoHpkN/5TuV44ByDu6e69YOBxdzk5qzc=; b=uRLtW3kizUvLgOQMBIf7HPq8nhELN5FpIAHA0VuWa2mHb6SP9UjmYyD/8AijU6X7lt swN+qCshKlBWE+g10MtIjpCKgF44/UhQndSlS3Qbf+6xe2tWF87g3cO2sqWYUM0KUGn2 qvQH5muehjLUZdNFNz3cT6RzFfACmNk0DAEIPk9TDr/IUkaTc3dKXFkv7NoKpaqVvnzQ ZBlAj+4PNO4Fe3em0qBJTdLr10KxDcZNatiyYHbn0FYKV0NT74kxZMd+naHalELC4+Kb 0bxXycA/GwkFOBVsaqM+7j67hGPfGGxSFljEeJj6wsMdgDK358yyAG/pZ81FQSbVN+Ak gj/w==
X-Gm-Message-State: AJIora8BKiXWRdJ3x4YLW/4nRa4yUKwcyqGT2QEbZTuBD+Ay9RoF40UK xfWf0FIB4AFrRSyG6GBC+WKEfH+U7eYjIDL/443/TZIJ5Pmy8Q==
X-Google-Smtp-Source: AGRyM1sWc5pmkroRakNOYE2DeZlVQfaQi3QGg8MrLTipWA05r7gQ18An1vxeflIPwbM1dRxh1bRcKb3IVsN5nWjnAxw=
X-Received: by 2002:a2e:b88b:0:b0:25d:a15a:bba9 with SMTP id r11-20020a2eb88b000000b0025da15abba9mr9051669ljp.357.1659558939581; Wed, 03 Aug 2022 13:35:39 -0700 (PDT)
MIME-Version: 1.0
References: <CAG2Zi233rdc9XVS7euSDjw4UtgEYUzR_7hozZFk1iHOCtnrE+w@mail.gmail.com>
In-Reply-To: <CAG2Zi233rdc9XVS7euSDjw4UtgEYUzR_7hozZFk1iHOCtnrE+w@mail.gmail.com>
From: Tim Geoghegan <timg@letsencrypt.org>
Date: Wed, 03 Aug 2022 13:35:27 -0700
Message-ID: <CABN231pSMmxRXbiKHpQv8PDQEKyD=5icx-rnWJYdo=Nje73v4Q@mail.gmail.com>
To: Christopher Patton <cpatton=40cloudflare.com@dmarc.ietf.org>
Cc: ppm <ppm@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000013fe6b05e55c2d52"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ppm/F_WZXAzueINOkvlOfE8ojvPshWg>
Subject: Re: [Ppm] Versioning for DAP drafts
X-BeenThere: ppm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Privacy Preserving Measurement technologies <ppm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ppm>, <mailto:ppm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ppm/>
List-Post: <mailto:ppm@ietf.org>
List-Help: <mailto:ppm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ppm>, <mailto:ppm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Aug 2022 20:35:45 -0000
We've discussed this a bit before, in issue #61 [1]. At that time, ekr and Martin Thomson pointed us to the precedent of ACME. In particular, we can examine how Let's Encrypt handled the migration from what they call ACME v1 (implementing a draft of ACME from before it was published) to ACME v2 (mostly implements RFC 8555) [2]. The salient bit is that ACME v1 was (long since deprecated and turned off) served from https://acme-v01.api.letsencrypt.org/directory and ACME v2 is served from https://acme-v02.api.letsencrypt.org/directory. So basically: don't do anything "in-band" in the protocol to handle versioning. Instead leave it up to deployments to serve different API versions from different subdomains or different paths relative to whatever domain they use. Perhaps someday, the IETF will take on HTTP service discovery, and versioning might be a key feature of such an effort. In the meantime, I am wary of the PPM WG taking on that rather difficult problem. Tim [1]: https://github.com/ietf-wg-ppm/draft-ietf-ppm-dap/issues/61 [2]: https://letsencrypt.org/docs/acme-protocol-updates/ [3]: https://divviup.org On Wed, Aug 3, 2022 at 12:10 PM Christopher Patton <cpatton= 40cloudflare.com@dmarc.ietf.org> wrote: > HI all, > > As we are in the midst of considering changes for DAP-02, some > implementers (myself included) are finding themselves in the position of > needing to support multiple drafts simultaneously. As such, I think it's > time that we consider what our needs are for maintaining interop with older > drafts. > > One option for deployments is to "lock" the Aggregator endpoints to > specific drafts. For example, the Leader's base URL might be > dap-01.leader.example.com, indicating that the leader supports DAP-01 > only. One downside is that this makes determining whether a peer speaks a > given version happens out-of-band. I imagine this might lead to failure > modes that are hard to diagnose. > > After kicking this round with a few people off-list, here are a few > options: > 1. We could version the MIME types for each of the messages. E.g., instead > of "application/dap-report" (see [1]) we could have > `application/dap-02-report". > 2. We could send the version in a separate HTTP Header, e.g., > "DAP-Version: draft-02". > 3. We could version the HTTP endpoints in-band. E.g., instead of POSTing > reports to "/upload", clients would POST to "/02/upload". > 4. We could encode the version number in the message payload itself. > > Thoughts on these options? Any alternatives? > > Best, > Chris P. > > > [1] > https://ietf-wg-ppm.github.io/draft-ietf-ppm-dap/draft-ietf-ppm-dap.html#name-application-dap-report-medi > -- > Ppm mailing list > Ppm@ietf.org > https://www.ietf.org/mailman/listinfo/ppm >
- [Ppm] Versioning for DAP drafts Christopher Patton
- Re: [Ppm] Versioning for DAP drafts Tim Geoghegan
- Re: [Ppm] Versioning for DAP drafts Christopher Patton
- Re: [Ppm] Versioning for DAP drafts Christopher Patton
- Re: [Ppm] Versioning for DAP drafts Tim Geoghegan
- Re: [Ppm] Versioning for DAP drafts Martin Thomson
- Re: [Ppm] Versioning for DAP drafts Christopher Patton