IETF Logo Mail Archive

Re: [Uuidrev] Publication has been requested for draft-ietf-uuidrev-rfc4122bis-07

Brad Peabody <brad@peabody.io> Sun, 16 July 2023 19:19 UTC

Return-Path: <brad@peabody.io>
X-Original-To: uuidrev@ietfa.amsl.com
Delivered-To: uuidrev@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8EF87C14CE54 for <uuidrev@ietfa.amsl.com>; Sun, 16 Jul 2023 12:19:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=peabody-io.20221208.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OGu80VVMTqin for <uuidrev@ietfa.amsl.com>; Sun, 16 Jul 2023 12:19:34 -0700 (PDT)
Received: from mail-pf1-x436.google.com (mail-pf1-x436.google.com [IPv6:2607:f8b0:4864:20::436]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 51F01C14CF05 for <uuidrev@ietf.org>; Sun, 16 Jul 2023 12:19:34 -0700 (PDT)
Received: by mail-pf1-x436.google.com with SMTP id d2e1a72fcca58-68336d06620so3872831b3a.1 for <uuidrev@ietf.org>; Sun, 16 Jul 2023 12:19:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=peabody-io.20221208.gappssmtp.com; s=20221208; t=1689535174; x=1692127174; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:from:to:cc:subject:date:message-id:reply-to; bh=pHOVFgRdlfsgmShl06IzfdcyoEf3sMwDPFhqq4ImbzQ=; b=G3EKBLNF0r+5jz6z1khz2gUMTGlFhfp8V+6SZolGCPUDJIiUap5m30qKkh/XosQT58 atEGSzeDlVvmzfpZEsZd5gTRTtsUrGWhS7Zqy1N6PvXCKtmfD4vfw0NRpgZg46u5o5q+ 5N0OIIQYfxboyT/aFABm4qZplh5ynKgnkI2tZwy0Icw1TKJgRqvUZ3ou9r8mO7o4txGb i9k9JrnDkvHXICRKcQoyP6131qWCDrSrBUGLlGf1jgjgbEgo2jI17mfNw4p9TF+ivZXo qFC0S+Koec9WAmS7jlyEVmWfgpUoPW5k2IsTUxr1EAsMCpqKmjtIrqOIYPlM4v3JREMc YlIA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689535174; x=1692127174; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=pHOVFgRdlfsgmShl06IzfdcyoEf3sMwDPFhqq4ImbzQ=; b=J0scj+66oM7KfptQA6hNwsh0SjXv8WF3YaAfvIC1IWbV0lrX07Ig+93pIOHseb1Jmi JFzqEPsVTBn/NuzH8kjiOFqyEzzCZ/BS+AQkOXOwmp6814W31wVvQeDeCTTZ3oBfbeHX mCmNXpQ2KqAcH0wbKqUaBjuCqJlufROiaYogtF0DZ24QmBQk4teUnzmBmAxJW9CpPvda /BdmzjW+ENRmJ/aP84hzIy/O2BLGHBZYr0miIpxKOKLtKr1Gni+w79vosEp+j5X3ifn8 dviJYswKDKeipN57FNHK1k9FFe0qbfjRh33USXHX7Bckkklm3kKQQ8riKAYz9R2NJGGU 38hg==
X-Gm-Message-State: ABy/qLZOG5ykuNmZponJXGCIOtOkbxjQ7zdGtbH0yIG5MT9a21YrVlIZ 0NmSUf+jHE9u9dUgLDLaPpLRujqv4YcEeJcnabOd
X-Google-Smtp-Source: APBJJlHB8+AVef8nx6B50F6RVYWlCe2BG8Aoh7dTqTqQvjIrHk/qH1Ir1yrRo7BWqj2NMmBaaPdU1A==
X-Received: by 2002:a05:6a20:29a9:b0:131:4d40:3c96 with SMTP id f41-20020a056a2029a900b001314d403c96mr9815342pzh.33.1689535173588; Sun, 16 Jul 2023 12:19:33 -0700 (PDT)
Received: from smtpclient.apple (2603-8001-7b00-2998-ad7a-3c18-38df-0919.res6.spectrum.com. [2603:8001:7b00:2998:ad7a:3c18:38df:919]) by smtp.gmail.com with ESMTPSA id n21-20020aa78a55000000b0067acbc74977sm10768677pfa.96.2023.07.16.12.19.32 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 16 Jul 2023 12:19:33 -0700 (PDT)
From: Brad Peabody <brad@peabody.io>
Message-Id: <A0F2ED8D-94E9-40E6-9A85-6C494DE53DF0@peabody.io>
Content-Type: multipart/alternative; boundary="Apple-Mail=_786FBC06-73B9-4D40-BA02-AFA6EA7AC73B"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
Date: Sun, 16 Jul 2023 12:19:30 -0700
In-Reply-To: <CAL0qLwZSvUPnroBL8A9uWiZr7_Z+0E_1fEw8vhHigCVztBqMNg@mail.gmail.com>
Cc: "Kyzer Davis (kydavis)" <kydavis=40cisco.com@dmarc.ietf.org>, "uuidrev-chairs@ietf.org" <uuidrev-chairs@ietf.org>, "uuidrev@ietf.org" <uuidrev@ietf.org>
To: "Murray S. Kucherawy" <superuser@gmail.com>, "mcr+ietf@sandelman.ca" <mcr+ietf@sandelman.ca>
References: <168640474038.62291.15105281985713025169@ietfa.amsl.com> <CAL0qLwaj50A5nvnqbxaKZq1erAU_YBos3VQXd4wp0wL7x9Ntzw@mail.gmail.com> <PH0PR11MB502934AEF4FE1093B28E1513BB30A@PH0PR11MB5029.namprd11.prod.outlook.com> <46863A89-B283-438A-9DA3-B9044024394A@peabody.io> <CAL0qLwZSvUPnroBL8A9uWiZr7_Z+0E_1fEw8vhHigCVztBqMNg@mail.gmail.com>
X-Mailer: Apple Mail (2.3696.120.41.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/uuidrev/BT0lp6PY9pm36bt0c7lpJdNCDkk>
Subject: Re: [Uuidrev] Publication has been requested for draft-ietf-uuidrev-rfc4122bis-07
X-BeenThere: uuidrev@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Revise Universally Unique Identifier Definitions <uuidrev.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uuidrev>, <mailto:uuidrev-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uuidrev/>
List-Post: <mailto:uuidrev@ietf.org>
List-Help: <mailto:uuidrev-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uuidrev>, <mailto:uuidrev-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 16 Jul 2023 19:19:36 -0000

MSK - thanks for the detailed reply and example, I’m 100% in agreement and that all makes sense.

> Hi, Kyzer are you okay with the AD review comments?
> Do we need to convene a design team meeting to deal with the comments?
> Let Jim and I know, we are here to help get this done.

I’ll let Kyzer answer on whether or not he thinks a meeting is necessary, but I suspect between this and the info collected here https://github.com/ietf-wg-uuidrev/rfc4122bis/issues/114 <https://github.com/ietf-wg-uuidrev/rfc4122bis/issues/114> , we have what we need to make the appropriate edits.  I probably should have just provided my feedback on that GitHub issue as a Pull Request in the first place, let me see if I can just get that hammered out.

Best, Brad


> On Jul 13, 2023, at 6:03 PM, Murray S. Kucherawy <superuser@gmail.com> wrote:
> 
> On Mon, Jul 10, 2023 at 7:56 AM Brad Peabody <brad@peabody.io <mailto:brad@peabody.io>> wrote:
> 
> My feedback on this is that it’s important that we don’t over-specify things that do not affect interoperability.
> 
> This sentence by itself means it should be MAY, or just don't use the key words at all.  The BCP 14 key words are all about interoperability; if you don't need them, don't use them.  In fact, Section 6 of RFC 2119 says in its entirety:
>    Imperatives of the type defined in this memo must be used with care
>    and sparingly.  In particular, they MUST only be used where it is
>    actually required for interoperation or to limit behavior which has
>    potential for causing harm (e.g., limiting retransmisssions)  For
>    example, they must not be used to try to impose a particular method
>    on implementors where the method is not required for
>    interoperability.
>  From my perspective, what’s happened is that in RFC 4122 there is a whole bunch of detail about how to handle various edge cases, and these then become law and impose complexity on the target environment/implementation, whether it matters or not.  In the example above, most clocks just count forward most of the time, but edge cases exist such as adjustments from NTP or manual clock adjustments.  Some applications will require careful handling of this situation, but I suspect many will not care.  If we impose an exact solution that MUST be implemented for this edge case, the result will be every implementation will have to include the complexity for that edge case in order to be a “compliant” implementation, even though it literally may not matter at all for most implementations, and certainly doesn’t matter in terms of producing an output that is acceptable to another system that needs to receive a UUID.  Same thing on counters and like - I think we want to provide implementation suggestions, but not impose too many “you absolutely must do it this way or your implementation is broken” for things that do not affect interoperability. This line of thinking is also what drives suggestions about opacity and introspection. Implementations generally interoperate much better if they don’t unnecessarily inspect UUIDs, so we suggest people don’t, and instead to just use UUIDs just as opaque identifiers.  However, it’s unreasonable to assume that no implementation will ever parse a UUID and extract a timestamp or something else, and it's not like forbidding this behavior is even helpful because people would do it anyway since it’s technically possible.  That’s why there’s a lot of suggestions about how to generate UUIDs, but fewer strict requirements, because I believe that better models how implementations are done in the real world and what aides interoperability the most.
> 
> That’s my take on it, hopefully it at least provides context.
> 
> Yes, it's very helpful.
> 
> Let me use this as an example:
> 
> "Implementations SHOULD use the current timestamp from a reliable source to provide values that are time-ordered and continually increasing. Care SHOULD be taken to ensure that timestamp changes from the environment or operating system are handled in a way that is consistent with implementation requirements. For example, if it is possible for the system clock to move backward due to either manual adjustment or corrections from a time synchronization protocol, implementations need to determine how to handle such cases. (See Altering, Fuzzing, or Smearing below.)"
> 
> The SHOULD here doesn't create a hard requirement.  I could flatly ignore this paragraph, arguing that I know what I'm doing, and still expect producers and consumers to interoperate most or all of the time and claim compliance with the specification.
> 
> I suggest:
> 
> Implementations MUST use the current timestamp from a reliable source to provide values that are time-ordered and continually increasing.  Care is to be taken to ensure that timestamp changes from the environment or operating system are handled in a way that is consistent with this requirement.  For example, if it is possible for the system clock to move backward due to either manual adjustment or corrections from a time synchronization protocol, implementations need to determine how to handle such cases. (See Altering, Fuzzing, or Smearing below.
> 
> Or you could even do:
> 
> Implementations acquire a current timestamp from a reliable source to provide values that are time-ordered and continually increasing.  Care is to be taken to ensure that timestamp changes from the environment or operating system are handled in a way that is consistent with this requirement.  For example, if it is possible for the system clock to move backward due to either manual adjustment or corrections from a time synchronization protocol, implementations need to determine how to handle such cases. (See Altering, Fuzzing, or Smearing below.
> 
> -MSK

v2.23.0 | Report a Bug | By Email