Re: Reminder: WGLC Announcement for draft-ietf-tsvwg-iana-ports-08 - 26th November 2010

[Eliot Lear <lear@cisco.com>]

I agree with Paul on these points.

On 11/24/10 5:27 PM, Paul Hoffman wrote:
> At 5:17 PM +0100 11/24/10, Magnus Westerlund wrote:
>> Paul Hoffman skrev 2010-11-22 23:14:
>>> In general, this document seems fairly worthwhile. I have a two reservations, however:
>>>
>>> - There is no justification for retaining the differentiation between System Ports and User Ports. Given the wide disparity in assignment rates, I would have thought that this would be a good time to say "there is no longer a difference". The text in 8.1 doesn't explain the difference in a way I could discern. At a minimum, this needs to be covered in much more detail in sections 7.1 and 7.2.
>> My personal view is that I agree that there really are no significant
>> difference between the two ranges. There has traditionally been a
>> perceived difference between the two ranges.
> That is only because *we* said there was a difference.
>
>> Also, isn't there still
>> some difference in what rights are needed on a number of unix systems to
>> install a listener?
> Not in any sane system, no.
>
>> So I think the difference is in peoples heads. The
>> registration rules do require you to clearly motivate why you should be
>> given a port in the system range.
>>
>> In chapter 6, there is the following text:
>>
>>    Such confirmation of intended use is
>>    especially important when these ports are associated with privileged
>>    (e.g., system or administrator) processes.
>>
>>
>> For the difference in allocation rates there is a reason why there such
>> a low rate for "System" ports, and that is due to the high bar that
>> already is set by the port expert reviewers.
>>
>> We are trying to focus on getting the new registry and its structure in
>> place. Rather than changing all details, like if the system port range
>> should be removed. There was previous discussion on this in IETF without
>> any consensus so we haven't been interested in driving this.
> If not now, while the registry is open, when?
>
>> I think removing the system ports range is beyond our intentions with
>> this document. Secondly, we can try to clarify the difference between
>> system and registered range.
> In the IETF, tomorrow's tomorrow is never.
>
>>> - Two of the references seem ill-advised for a long-lived RFC:
>>>    [SYSFORM]  Internet Assigned Numbers Authority (IANA), "Application
>>>               for System (Well Known) Port Number",
>>>                http://www.iana.org/cgi-bin/sys-port-number.pl.
>>>
>>>    [USRFORM]  Internet Assigned Numbers Authority (IANA), "Application
>>>               for User (Registered) Port Number",
>>>                http://www.iana.org/cgi-bin/usr-port-number.pl.
>>> For years, URI-aware IETF participants have been trying to get IANA to not instantiate URIs that hard-code the source and type of content in public URLs. The above two URLs force IANA to keep using an Apache-based directory structure, and to keep using Perl scripts, for the life of this RFC. It would be far better if IANA would start following Web best practices before this document is published as an RFC and use more universal local parts in these URLs.
>> I think we can remove these URL and just point at the IANA website as it
>> was.
> That would probably be better than instantiating the Perl script's address.
>
> --Paul Hoffman, Director
> --VPN Consortium
>