Re: [websec] [apps-discuss] ABNF references (was RE: AppsDir review of draft-ietf-websec-strict-transport-sec)

Brian E Carpenter <brian.e.carpenter@gmail.com> Thu, 03 May 2012 06:39 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E78BA21F85AD; Wed, 2 May 2012 23:39:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.547
X-Spam-Level:
X-Spam-Status: No, score=-101.547 tagged_above=-999 required=5 tests=[AWL=0.144, BAYES_00=-2.599, RCVD_ILLEGAL_IP=1.908, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fRFAK6yAJjSh; Wed, 2 May 2012 23:39:29 -0700 (PDT)
Received: from mail-wg0-f44.google.com (mail-wg0-f44.google.com [74.125.82.44]) by ietfa.amsl.com (Postfix) with ESMTP id B028D21F8528; Wed, 2 May 2012 23:39:28 -0700 (PDT)
Received: by wgbdr13 with SMTP id dr13so951113wgb.13 for <multiple recipients>; Wed, 02 May 2012 23:39:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:organization:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=eyQz2wZyT49+gQhZz5zLwn/4WfoYActLSRf7EapuBoU=; b=rHcp663V9ZxzjsLV70YvrDOl4Au1cfRFgdn8kpNZukhbH9dFlWkD/qDGG+mY90TJxU xnDWPkINPl3cgbk6D4lUsnK1s7vTlRay0TNBMdGNdKuv2byJjzFewh5PAJ8amSFm4hi7 atfpMnOM2l1vDoNHHnAqCo/Z4erg3ZXtRVe4wF+t2bPzVxV5JhuTKoJbdRqukAiqdt3T VcJE40dLk95Sv/gH1lcZ8kHBTzyQO48u1fr4X/XVQqUnqO2WWweqiVhKkUVmLFoer1IZ 5+hVb3ejdsEEo9OmDGw4wKJwlHbm6kPBEv056s8madlabfPuVmRtTcCeiuGzSKPISCfF /7OQ==
Received: by 10.216.134.155 with SMTP id s27mr696278wei.80.1336027167649; Wed, 02 May 2012 23:39:27 -0700 (PDT)
Received: from [192.168.1.65] (host-2-102-217-144.as13285.net. [2.102.217.144]) by mx.google.com with ESMTPS id n20sm379878wiw.5.2012.05.02.23.39.25 (version=SSLv3 cipher=OTHER); Wed, 02 May 2012 23:39:26 -0700 (PDT)
Message-ID: <4FA22814.6020309@gmail.com>
Date: Thu, 03 May 2012 07:39:16 +0100
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Organization: University of Auckland
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: "Roy T. Fielding" <fielding@gbiv.com>
References: <9452079D1A51524AA5749AD23E003928106147@exch-mbx901.corp.cloudmark.com> <4F9EC5BD.7000404@gmx.de> <9452079D1A51524AA5749AD23E0039281075DB@exch-mbx901.corp.cloudmark.com> <4F9F9A8D.8080004@gmx.de> <9452079D1A51524AA5749AD23E003928107DBB@exch-mbx901.corp.cloudmark.com> <4FA03F4D.3050606@gmx.de> <9452079D1A51524AA5749AD23E00392810A6F1@exch-mbx901.corp.cloudmark.com> <35987DD9-06A7-4C71-90FA-8FA88427DDB8@gbiv.com>
In-Reply-To: <35987DD9-06A7-4C71-90FA-8FA88427DDB8@gbiv.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Mailman-Approved-At: Fri, 04 May 2012 09:56:27 -0700
Cc: Julian Reschke <julian.reschke@gmx.de>, IETF WebSec WG <websec@ietf.org>, IETF Apps Discuss <apps-discuss@ietf.org>
Subject: Re: [websec] [apps-discuss] ABNF references (was RE: AppsDir review of draft-ietf-websec-strict-transport-sec)
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 May 2012 06:39:30 -0000

Roy,

On 2012-05-02 20:32, Roy T. Fielding wrote:
> On May 2, 2012, at 10:48 AM, Murray S. Kucherawy wrote:
>> 2) There's a common axiom that says it's safer to refer to a definition rather than to copy it.
> 
> I think we should recognize that as a false axiom and move on.
> 
> We should refer to orthogonal definitions that are subject to
> independent change control -- e.g., protocol elements that are
> defined in another spec because they change at a different
> rate than the referring spec or are used by multiple specs.
> 
> We should copy a definition by value if the referring spec
> depends on the definition (does not allow the parser to change
> even if some other spec were to define it and later extend it).

But that is contrary to the general principle in the IETF of
using normative references and *not* replicating normative material,
to avoid mistakes.

Both approaches have their advantages and disadvantages, but making
ABNF an exception seems problematic, or at least a decision that can't
be taken at Area level.

> My preference is to not use prose definitions at all -- I used
> them as a crutch when I first started writing IETF specs in 1994,
> and they burned me every time.
> 
> And if we go down the slippery slope, I would love to have a
> formal definition of set reduction, as in
> 
>    ALPHA = ALPHANUM - DIGIT
> 
> since I very commonly need rules that only differ by one or two
> characters being removed from the allowed set.

Would you call that "disinheritance" ?

    Brian