IETF Logo Mail Archive

Re: [Uuidrev] Publication has been requested for draft-ietf-uuidrev-rfc4122bis-07

"Murray S. Kucherawy" <superuser@gmail.com> Fri, 14 July 2023 01:04 UTC

Return-Path: <superuser@gmail.com>
X-Original-To: uuidrev@ietfa.amsl.com
Delivered-To: uuidrev@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF9F4C14CE4A; Thu, 13 Jul 2023 18:04:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.097
X-Spam-Level:
X-Spam-Status: No, score=-7.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FVcZDkGgLP5n; Thu, 13 Jul 2023 18:04:13 -0700 (PDT)
Received: from mail-ej1-x62b.google.com (mail-ej1-x62b.google.com [IPv6:2a00:1450:4864:20::62b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5B762C151994; Thu, 13 Jul 2023 18:04:13 -0700 (PDT)
Received: by mail-ej1-x62b.google.com with SMTP id a640c23a62f3a-94ea38c90ccso36856466b.1; Thu, 13 Jul 2023 18:04:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1689296652; x=1691888652; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=KFhGzL2gChlBHCz9PxmyYqyqh9NOJWrqLM6DOGTi9JQ=; b=NfEQg8y9w5KqeWUBBQEAIrSUv+sXZwvb67Atc1+CmXuID3dHm4e9VIAKT9zFTeyftx UaHjYtGVRKRvWAHVkiHmMCOM9xB0hvFbQlWmJC3XdUGG2zebC6wTMymuOsnwELg24MbG obMAIZ5Jkq0jiLtZLQ2Z22HzON/bFVSwmX0Yu083emc51A1lwfgTXQNaUs1AZVqaQ8hQ JlWcw0eoKAgf2sHOYSWkUb/CaR9qZHGnJeYK9kJZRiRaMbrg50aB5jycIj5LaBBdgBTd kwH5oNx+Dxh1c0OLWg/AP9+mAjOLi6gFBuOBg4NAmQReqmC2gJpFmBVZWHJQ9Q9XYpHs vJdQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689296652; x=1691888652; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=KFhGzL2gChlBHCz9PxmyYqyqh9NOJWrqLM6DOGTi9JQ=; b=ZRbGeKksf9T+x/pwz7Gofq6UoINfPxSFNwmtAaTrzapB60RgrXP4WuHHTlU51fAm9f 67sjY922TIct2nHF8gLFs35D+RiU5jx3fIpM0QKFB7xZC6PfLgfaJP24fmLrHT55pbbS 4wVKpaBtbJLTQEw20T+9Mn5/IuX7W/8GHk8/mCRVB1T/9giZXbK/k4FknHjIbmm8PMaO fBaW75OAL9nYOU5UYs9U3wxSTC/iUCZd74N9s8C8sqajJ/1eN5tpQqGpg6i6pnRVLpTa B3BBaE3dQXLtmnCHAZDmqlAdFuckU47Jb08tTJjLYgUol2G72ahLfaQIVdCK/UN5zwPr YXEg==
X-Gm-Message-State: ABy/qLajrGiLQsPWa1kSKolKKpa+yeku3qrbFFmktpQZILhL4QsT7bLz dF1UgT7fugf99Zq+vN8y7ZnDGyzp0yb2e+qu5S0=
X-Google-Smtp-Source: APBJJlHATfVYWQGlOpDBSAdh7/Utx363ihsZYL6RKZch5MYxHFJJD3KD0xxLY2bHGl7SGKYhamUaE2ikUgR3Cpp+CsE=
X-Received: by 2002:a17:906:59:b0:993:d90e:3101 with SMTP id 25-20020a170906005900b00993d90e3101mr2638862ejg.1.1689296651511; Thu, 13 Jul 2023 18:04:11 -0700 (PDT)
MIME-Version: 1.0
References: <168640474038.62291.15105281985713025169@ietfa.amsl.com> <CAL0qLwaj50A5nvnqbxaKZq1erAU_YBos3VQXd4wp0wL7x9Ntzw@mail.gmail.com> <PH0PR11MB502934AEF4FE1093B28E1513BB30A@PH0PR11MB5029.namprd11.prod.outlook.com> <46863A89-B283-438A-9DA3-B9044024394A@peabody.io>
In-Reply-To: <46863A89-B283-438A-9DA3-B9044024394A@peabody.io>
From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Thu, 13 Jul 2023 18:03:59 -0700
Message-ID: <CAL0qLwZSvUPnroBL8A9uWiZr7_Z+0E_1fEw8vhHigCVztBqMNg@mail.gmail.com>
To: Brad Peabody <brad@peabody.io>
Cc: "Kyzer Davis (kydavis)" <kydavis=40cisco.com@dmarc.ietf.org>, "mcr+ietf@sandelman.ca" <mcr+ietf@sandelman.ca>, "uuidrev-chairs@ietf.org" <uuidrev-chairs@ietf.org>, "uuidrev@ietf.org" <uuidrev@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000d56cba0600680616"
Archived-At: <https://mailarchive.ietf.org/arch/msg/uuidrev/Evli8uz2Pnju3E_ZEAw-q95k2iQ>
Subject: Re: [Uuidrev] Publication has been requested for draft-ietf-uuidrev-rfc4122bis-07
X-BeenThere: uuidrev@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Revise Universally Unique Identifier Definitions <uuidrev.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uuidrev>, <mailto:uuidrev-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uuidrev/>
List-Post: <mailto:uuidrev@ietf.org>
List-Help: <mailto:uuidrev-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uuidrev>, <mailto:uuidrev-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Jul 2023 01:04:18 -0000

On Mon, Jul 10, 2023 at 7:56 AM Brad Peabody <brad@peabody.io> wrote:

>
> My feedback on this is that it’s important that we don’t over-specify
> things that do not affect interoperability.
>

This sentence by itself means it should be MAY, or just don't use the key
words at all.  The BCP 14 key words are all about interoperability; if you
don't need them, don't use them.  In fact, Section 6 of RFC 2119 says in
its entirety:

   Imperatives of the type defined in this memo must be used with care
   and sparingly.  In particular, they MUST only be used where it is
   actually required for interoperation or to limit behavior which has
   potential for causing harm (e.g., limiting retransmisssions)  For
   example, they must not be used to try to impose a particular method
   on implementors where the method is not required for
   interoperability.

 From my perspective, what’s happened is that in RFC 4122 there is a whole
> bunch of detail about how to handle various edge cases, and these then
> become law and impose complexity on the target environment/implementation,
> whether it matters or not.  In the example above, most clocks just count
> forward most of the time, but edge cases exist such as adjustments from NTP
> or manual clock adjustments.  Some applications will require careful
> handling of this situation, but I suspect many will not care.  If we impose
> an exact solution that MUST be implemented for this edge case, the result
> will be every implementation will have to include the complexity for that
> edge case in order to be a “compliant” implementation, even though it
> literally may not matter at all for most implementations, and certainly
> doesn’t matter in terms of producing an output that is acceptable to
> another system that needs to receive a UUID.  Same thing on counters and
> like - I think we want to provide implementation suggestions, but not
> impose too many “you absolutely must do it this way or your implementation
> is broken” for things that do not affect interoperability. This line of
> thinking is also what drives suggestions about opacity and introspection.
> Implementations generally interoperate much better if they don’t
> unnecessarily inspect UUIDs, so we suggest people don’t, and instead to
> just use UUIDs just as opaque identifiers.  However, it’s unreasonable to
> assume that no implementation will ever parse a UUID and extract a
> timestamp or something else, and it's not like forbidding this behavior is
> even helpful because people would do it anyway since it’s technically
> possible.  That’s why there’s a lot of suggestions about how to generate
> UUIDs, but fewer strict requirements, because I believe that better models
> how implementations are done in the real world and what aides
> interoperability the most.
>
> That’s my take on it, hopefully it at least provides context.
>

Yes, it's very helpful.

Let me use this as an example:

"Implementations SHOULD use the current timestamp from a reliable source to
provide values that are time-ordered and continually increasing. Care SHOULD
be taken to ensure that timestamp changes from the environment or operating
system are handled in a way that is consistent with implementation
requirements. For example, if it is possible for the system clock to move
backward due to either manual adjustment or corrections from a time
synchronization protocol, implementations need to determine how to handle
such cases. (See Altering, Fuzzing, or Smearing below.)"

The SHOULD here doesn't create a hard requirement.  I could flatly ignore
this paragraph, arguing that I know what I'm doing, and still expect
producers and consumers to interoperate most or all of the time and claim
compliance with the specification.

I suggest:

Implementations MUST use the current timestamp from a reliable source to
provide values that are time-ordered and continually increasing.  Care is
to be taken to ensure that timestamp changes from the environment or
operating system are handled in a way that is consistent with this
requirement.  For example, if it is possible for the system clock to move
backward due to either manual adjustment or corrections from a time
synchronization protocol, implementations need to determine how to handle
such cases. (See Altering, Fuzzing, or Smearing below.

Or you could even do:

Implementations acquire a current timestamp from a reliable source to
provide values that are time-ordered and continually increasing.  Care is
to be taken to ensure that timestamp changes from the environment or
operating system are handled in a way that is consistent with this
requirement.  For example, if it is possible for the system clock to move
backward due to either manual adjustment or corrections from a time
synchronization protocol, implementations need to determine how to handle
such cases. (See Altering, Fuzzing, or Smearing below.

-MSK

v2.23.0 | Report a Bug | By Email