Re: [regext] WG LAST CALL: draft-ietf-regext-unhandled-namespaces-03
"Gould, James" <jgould@verisign.com> Wed, 21 October 2020 20:56 UTC
Return-Path: <jgould@verisign.com>
X-Original-To: regext@ietfa.amsl.com
Delivered-To: regext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C13C3A0874 for <regext@ietfa.amsl.com>; Wed, 21 Oct 2020 13:56:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=verisign.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EcvfXlWhdHgL for <regext@ietfa.amsl.com>; Wed, 21 Oct 2020 13:56:54 -0700 (PDT)
Received: from mail6.verisign.com (mail6.verisign.com [69.58.187.32]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3E0D23A084D for <regext@ietf.org>; Wed, 21 Oct 2020 13:56:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=verisign.com; l=9694; q=dns/txt; s=VRSN; t=1603313814; h=from:to:date:message-id:references:in-reply-to: content-id:content-transfer-encoding:mime-version:subject; bh=fp/vZwTyN2lZrhlOZSXKzMvAeba1F9GK2kQzEHCBS7Y=; b=CmPRh5pOdnU8/wkzIjyuLDoujApd24neH9UfyfMJdIy6kJ5e47MOdyxn SjDfsP+GZ3vCwqvrbsFCIVhoZUIClyBNJJCDiTulTy7VudNh2wyhW0bB7 II4FhjARdUVi7+VqDR7J+l+uHpL8dmnhhhS7jGmWyGg54WJqyfiI/l2K0 dph0o85WSlRwMsGkXC9NgvscY57Yg9HnPPxUjohZubgW2oEwWp0/odHJt 9AfUQvBbUVOQA1GHbwCAuSZp+x3hckkY32mne6Fz2QpuUysU2FQY8SH3X Bj4XMYURCyQN4+NipiXL5w5rmxJmyNvibsnwV12emCyZMm9erBNjm/SwH w==;
IronPort-SDR: htbmG79CHxYhlCucXARJfz4Cau/0nZ5Br/QlXzZkqBU0180kR2XOX77Kz5+CycJ+4/PTrafZNI BZJFYjn90cI3zHTJPgv0worXWyc5/8YSjS721cR52OOGQxM0DZJ4Yjq4SkdlRkjJLoT+Cn+D2c /2leOM8p+j7WMGkI6YPKlunZ8+dkYsce0mvnhCHAoPVjjO8eKggnyLjvBu/jUTvp2sURFihhSj 3nJbwCeEuL3KHxGIhDdAnpNVYlPNtWUStFHO68DBkcXwJeQJ7UUv8OTjm856opgjplVIoQUxyY hOc=
X-IronPort-AV: E=Sophos;i="5.77,402,1596513600"; d="scan'208";a="3350454"
IronPort-PHdr: 9a23:SW2k8BfWmGbNfL/0H6JSVz/ElGMj4u6mDksu8pMizoh2WeGdxc26ZxCN2/xhgRfzUJnB7Loc0qyK6v+mBjFLvczJmUtBWaQEbwUCh8QSkl5oK+++Imq/EsTXaTcnFt9JTl5v8iLzG0FUHMHjew+a+SXqvnYdFRrlKAV6OPn+FJLMgMSrzeCy/IDYbxlViDanbr5+MRe7oR/Tu8QWjodvJbg9wQbVr3VVfOhb2XlmLk+JkRbm4cew8p9j8yBOtP8k6sVNT6b0cbkmQLJBFDgpPHw768PttRnYUAuA/WAcXXkMkhpJGAfK8hf3VYrsvyTgt+p93C6aPdDqTb0xRD+v4btnRAPuhSwaMTMy7WPZhdFqjK9DoByvuQFxw5Labo+WOvpxfK3SfdIGSmROUclcTDBBDZi5b4cTE+YMJ+RVoo/grFUOtxu+AgysCfvhxjFJgX/2wKk63Pk5HQrb2AIvBdcOv2rPrNn7KawfVuK1zKbPzTXea/NZxCzw6JbWfRA7oPGMRrNwccXXyUU1CwzFiVCQpJXjMjiI2esDr3KV4PB8VeKzlWEnsQdxryCty8ojl4TFmJ4YxF/F+Ch5w4s4IdK2RFN1b9OrEJZcqy+XO5Z5TM4tXmxltzg2x7IYtJOlYSUHyJopyR7DZ/CZdYWD/xztVOGUIThihXJlfqqyhwis/ki6y+38Tci00FlMripElNnDqmoB2ADU6siCUvdy4kah2S2T2ADU8O1LPUc0la/DJ54g3LEwipQTvV7EHi/sl0X7irKdeEY8+uWw9ujrfq/qqoKeOoJ6kA3yL6Qjl8KlDek3NgUCR3WX9fim2LH+/0D1XK9GguA5n6TaqpzWOMcWq6ikCAFPyIkj8QywDzK+3dQdmnkIMUxKdQqcj4jsJ1HOOPf4Deqjg1i0kDdk2fTGPrr5D5jQMnbNiKrtcrZl5UBTyQU/0c5T64hKCr4dJ/LzQFfxuMbCARAkKQC03fznCM571o8ERW2PBaqZPLvTsV+O+O0vP/GBaJIJtDrnNvQo5fDjgWUklVIdc6Slx5QaZXSgEvRjOUqZYH7sgtkbEWcNuwozVO7qiFKFUT5OY3a9Qrkx5i8lB4K8DIfDXYGtgLOH3CuhApJWYWVGBkiWEXj0b4WER+sMaCWKL895lzwJTqWuS4g91R60sg/11qZoLu3O9iIEspLj0cB/5/fPmhEq6Tx0E8Od3nmXT25qkWMHWTA33LxkrEx81FiDzaZ4j+ZfFdxJ6PMaGjs9YNTEysR2DMz7XA7KeZGCT1PsCoG+BBk9Sc44xdMFZAB2HND0yliJxSelDq8Jv72GGJJy9bjTlTClPctyxmba/Kgsk1dgRdFAYz6InKl6okL8AJPNnwHRta+veL9WlHrP+2CeyWamokxCURVxXqODVncaMBiF5e/l71/PGuf9QY8sNRFMnJaP
X-IPAS-Result: A2HoDgCHn5Bf/zGZrQpdA4EJgVGBcwaBH4E0CoQykR6DeZYwgT89CwEBAQEBAQEBAQgBHxAEAQEChEgCF4FzJjoEDQIDAQELAQEBBQEBAQEBBgMBAQEChkoMgjciez0JPQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQUCCAdNB0cBHgEBAQECASMROhsCAQgYAgImAgICMBUQAgQBEhuDCwGCXLB/doEyhVeFAIEOKoZihnKBQj6BESccgk0+hCUYFwomglAzgiwEkF6CcqQwAweCaokEi3iFex+DT3GdGpM5iH8SgWOVQAIEAgQFAhWBbQGBeHAVOyoBgj4JRxcCDY4rFxRuAQKCSYpWdA4nAwIGAQkBAQMJjAQtgQaBEQEB
Received: from BRN1WNEX01.vcorp.ad.vrsn.com (10.173.153.48) by BRN1WNEX02.vcorp.ad.vrsn.com (10.173.153.49) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2106.2; Wed, 21 Oct 2020 16:56:52 -0400
Received: from BRN1WNEX01.vcorp.ad.vrsn.com ([fe80::a89b:32d6:b967:337d]) by BRN1WNEX01.vcorp.ad.vrsn.com ([fe80::a89b:32d6:b967:337d%4]) with mapi id 15.01.2106.002; Wed, 21 Oct 2020 16:56:52 -0400
From: "Gould, James" <jgould@verisign.com>
To: "pm@dotandco.com" <pm@dotandco.com>, "regext@ietf.org" <regext@ietf.org>
Thread-Topic: [EXTERNAL] Re: [regext] WG LAST CALL: draft-ietf-regext-unhandled-namespaces-03
Thread-Index: AQHWpbyiL6cvTJWd/k2IcHWB7mIWQKme7L0AgAOXQoCAAAntgA==
Date: Wed, 21 Oct 2020 20:56:52 +0000
Message-ID: <605837F6-B907-457B-B5D0-54D485358AD4@verisign.com>
References: <04DF4069-4B02-489C-BB6E-94DEB581F862@elistx.com> <1596663b-1d40-44a7-beb4-dd41172dea91@www.fastmail.com> <75A43B1C-5D7B-4CE6-B126-303B3F34AB35@verisign.com> <84785f0d-cc30-43dd-bf49-894caa1feeb2@www.fastmail.com>
In-Reply-To: <84785f0d-cc30-43dd-bf49-894caa1feeb2@www.fastmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.41.20091302
x-originating-ip: [10.170.148.18]
Content-Type: text/plain; charset="utf-8"
Content-ID: <9C9E7AB09CCF03438022ECD6A821BDB6@verisign.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/regext/xtY8t5qz7GR_qOcVrYA4_VhiUMs>
Subject: Re: [regext] WG LAST CALL: draft-ietf-regext-unhandled-namespaces-03
X-BeenThere: regext@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Registration Protocols Extensions <regext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/regext>, <mailto:regext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/regext/>
List-Post: <mailto:regext@ietf.org>
List-Help: <mailto:regext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/regext>, <mailto:regext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Oct 2020 20:56:56 -0000
Patrick, I provide me responses embedded below. -- JG James Gould Fellow Engineer jgould@Verisign.com <applewebdata://13890C55-AAE8-4BF3-A6CE-B4BA42740803/jgould@Verisign.com> 703-948-3271 12061 Bluemont Way Reston, VA 20190 Verisign.com <http://verisigninc.com/> On 10/21/20, 12:22 PM, "regext on behalf of Patrick Mevzek" <regext-bounces@ietf.org on behalf of pm@dotandco.com> wrote: James, On Mon, Oct 19, 2020, at 08:31, Gould, James wrote: > Considering a default opt-in puts all currently existing EPP > clients at risk. > > JG - draft-ietf-regext-unhandled-namespaces addresses an > interoperability issue with the server returning extensions that the > client specified is not supported. The <extValue> element is already a > feature supported by RFC 5730, so this is not something "forced on > them". You are misreading me or misquoting me. What your draft forces on is the use of extValue as NOT described by RFC 5730 hence putting all current clients at risk, because you "silently" change some core expectations of RFCs 5730+. I know the problem you are trying to address (I even think I was one of the people raising it in the first place but note that in 20 years or more that EPP exists, it obviously did not move people so much even if it is a real problem), I am just trying to explain that this draft creates an interoperability problem by just changing the semantics of RFC 5730 without letting clients decide if they want it or not, they are forced by the server, hence this default opt-in migration of the current park of EPP clients will create problems. JG - I'm not clear of the risk of returning information in the <extValue> element to clients. There won't be a schema validation error like the case of returning a non-supported extension to a validating client. There won't be a marshaling error for the client, since unmarshaling the <extValue> in the <result> element should already be supported. The most likely issue is that the client will ignore the information, which does not pose an operational risk. I've implemented draft-ietf-regext-unhandled-namespaces on the server side and in a validating client within the Verisign EPP SDK, and I don't see any potential risk for the client. Martin implemented draft-ietf-regext-unhandled-namespaces in a Production server and hasn't come across any reported client-side issues. A server can choose to implement draft-ietf-regext-unhandled-namespaces and when doing so should notify the clients ahead of time, so this is not something that would be thrown onto clients without notice. > This is not a new feature from a protocol > perspective that will cause an interoperability issue. It is, because extValue is defined as containing *client* data that created an error, and you are stuffing it with *server* data. Plus the return code of 1000 + extValue case that I tried to explain, which doesn't seem to me really covered by existing RFCs, so you are just redefining things, hoping that all clients immediately will just implement your draft and hence everything is fine but unfortunately that is not what is going to happen... Maybe all of this is fine, redesigning EPP from scratch today, I could agree with all this. But I am just pointing out that specifications already exist and are NOT aligned with the way you try to use them in this draft. This is the interoperability problem, not the features themselves, the fact that you add them on top of things where they do not fit 100%. JG - RFC 5730 did not foresee the issue associated with returning poll messages to clients that don't support the extensions in the poll message. We discussed this at length at multiple REGEXT meetings, and the best solution to this problem is defined in draft-ietf-regext-unhandled-namespaces. A draft can be defined to cover the usage of an existing element in the RFC for a specific feature, which in this case is to enable servers to comply with the EPP RFC for poll messages and when there is the need to return additional information to the client (e.g., DNSSEC information). > There is no normative language in RFC 5730 that would > prohibit the use of <extValue> for the use case covered in > draft-ietf-regext-unhandled-namespaces. I believe there is and I quoted you so. Note the mention of "client-provided element", but you seem to just ignore that point. A specification can not list everything prohibited. It lists what is allowed (and it says clearly "client-provided element") and then as a safe view you can expect the rest not to be allowed. JG - Yes for an error it makes sense to include the "client-provided element". The case defined in draft-ietf-regext-unhandled-namespaces is not an error and the use of the <extValue> element for this use case is defined in draft-ietf-regext-unhandled-namespaces. The description of the element does not prohibit the use of the element to address a specific well-defined problem solved by draft-ietf-regext-unhandled-namespaces. > There may be clients out there that will consider value/extValue > only for error > return codes (>=2000) and will get confused when getting back 1000 > but with extValue > as this draft calls for. > > JG - RFC 5730 did not envision this case, which is the point with the > standardization of draft-ietf-regext-unhandled-namespaces. Which is the core of the problem and the interoperability risk. You redefine core parts of RFC 5730 without taking into accounts that clients may not be aware of your change (your draft) and hence will have problems if the server forces that new view on them, without any possible negotiation. At this point it seems we are just repeating our own arguments on both side, so I don't think either will move their position and we have to keep our disagreement, which is fine. I wanted to record my disagreement on this draft during WGLC, that is all. JG - We can agree to disagree on the value and risks associated with draft-ietf-regext-unhandled-namespaces. The Document Shepherd can include a reference to your disagreement in his writeup, but I don't believe there is consensus to make a change. -- Patrick Mevzek pm@dotandco.com _______________________________________________ regext mailing list regext@ietf.org https://secure-web.cisco.com/1i1Q3CVDa_FU-YVvvRDiCKMNpQVcpS3JDv2v0QA12tEaSTOW11TJfvN4z66pyAhoHIWLb6zl6Vlm8JNkYUkXNvDY1HnvCJbHdWGL1CPbOopKavSItHVfrzNNsaBcgCs5zZCgP2rEWdFf11Nzr1Q4_8Laq4hmSQuI78P9XhRWFnjTPpij5TvK_0w-3DHtF8LPayY3Waufo2V3SNsBVdgW7XZbnUmCMfpMyyqqLBw-IOOItHP53JjuXR5vVygp-x65CtdSjLGsJyq2dbXGu8oSJICdB_U86opQQMpDYK4ZRngk/https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fregext
- [regext] WG LAST CALL: draft-ietf-regext-unhandle… James Galvin
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… Tobias Sattler
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… Roger D Carney
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… Mario Loffredo
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… Patrick Mevzek
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… Gould, James
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… Patrick Mevzek
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… Gould, James
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… Patrick Mevzek
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… Gould, James
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… Patrick Mevzek
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… Gould, James
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… James Galvin
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… Thomas Corte
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… Gould, James
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… Thomas Corte
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… Martin Casanova
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… Patrick Mevzek
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… Gould, James
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… Patrick Mevzek
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… James Galvin
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… Gould, James
- Re: [regext] WG LAST CALL: draft-ietf-regext-unha… James Galvin