Re: [tcpm] another review of draft-ietf-tcpm-tcpsecure[-10]

Lars Eggert <> Tue, 30 September 2008 09:43 UTC

Return-Path: <>
Received: from [] (localhost []) by (Postfix) with ESMTP id 2CBD43A67C1; Tue, 30 Sep 2008 02:43:54 -0700 (PDT)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 1DF593A67C1 for <>; Tue, 30 Sep 2008 02:43:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -6.475
X-Spam-Status: No, score=-6.475 tagged_above=-999 required=5 tests=[AWL=0.124, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Sz6hGZfwlSOQ for <>; Tue, 30 Sep 2008 02:43:52 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id ECAEA3A67B4 for <>; Tue, 30 Sep 2008 02:43:51 -0700 (PDT)
Received: from ( []) by (Switch-3.2.6/Switch-3.2.6) with ESMTP id m8U9hLXO009942; Tue, 30 Sep 2008 12:43:27 +0300
Received: from ([]) by with Microsoft SMTPSVC(6.0.3790.3959); Tue, 30 Sep 2008 12:43:15 +0300
Received: from ([]) by with Microsoft SMTPSVC(6.0.3790.3959); Tue, 30 Sep 2008 12:43:12 +0300
Message-Id: <>
From: Lars Eggert <>
To: ext Joe Touch <touch@ISI.EDU>
In-Reply-To: <>
Mime-Version: 1.0 (Apple Message framework v929.2)
Date: Tue, 30 Sep 2008 12:43:10 +0300
References: <> <> <> <>
X-Mailer: Apple Mail (2.929.2)
X-OriginalArrivalTime: 30 Sep 2008 09:43:13.0589 (UTC) FILETIME=[F50A6E50:01C922E0]
X-Nokia-AV: Clean
Cc: Alfred HÎnes <>,, "ext Anantha Ramaiah (ananth)" <>,, "Mitesh Dalal (mdalal)" <>
Subject: Re: [tcpm] another review of draft-ietf-tcpm-tcpsecure[-10]
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
Content-Type: multipart/mixed; boundary="===============0775758718=="


(individual hat on)

On 2008-9-29, at 20:31, ext Joe Touch wrote:
> Is it possible that a SHOULD isn't considered a "updates"?

RFC2119 language has nothing to do with the "updates" relationship.  
It's the applicability that matters.

"Updates 793" on document X means "if you implement 793 you also need  
to implement X". That is, because "updates" is typically used when a  
new document fixes critical bugs in an existing specification or adds  
mandatory new functionality.

For this document the applicability statement is basically "SHOULD  
implement when vulnerable, MAY otherwise". That's a conditional  
"updates". Unfortunately, the "updates" header isn't expressive enough  
to convey this.

We're left with two less-than-optimal choices: Add "updates 793",  
which doesn't capture the conditional expressed by the applicability  
statement, or omit "updates 793", which is also inaccurate.

My reason for suggesting to omit the "updates" - and this is a  
personal preference, I'll respect the WG decision and would like to  
head other opinions - is that a plain "updates 793" looks like a "you  
must implement this when implementing 793", and we had a long  
discussion around the applicability statement that seemed to indicate  
that the WG didn't want to make this blanket recommendation.


PS: As an example, look at the recent RFC5348, which is TFRC. It  
obsoletes RFC3448 (which was the old version of TFRC) but it also  
updates RFC4342 (DCCP's CCID3), which implements TFRC inside DCCP. The  
"updates" relationship here means that CCID3 implementations must now  
(also) implement RFC5348, i.e., the new version of TFRC.
tcpm mailing list