Re: 2119bis
Marc Petit-Huguenin wrote: The meaning of SHOULD is clear for the authors (it mean[s] that there may exist valid reasons in particular circumstances to ignore a particular item, but the full implications must be understood and carefully weighed before choosing a different course.), the problem is that some implementers use a different meaning No, it just means that some implementors follow the spec _to_the_letter_ and apply _their_ very own and very personal decision (carefully weighed). It should be pretty obvious that the definition is explicitly written in a fashion that different implementors are be expected to come up with different decisions based on their specific requirements and environments. SHOULD / RECOMMENDED is used in RFCs for just about everything between a MAY that is considered useful by some (or at least the document author) and something that is close to vital for the general use case but dispensible in some specific usage scenario. Hector sant9...@gmail.com wrote: STD10 (RFC821) has a SHOULD NOT drop connection before QUIT is negotiated, and it was changed in RFC2821 to a MUST NOT. [...] Even with all those warnings from the smart clients leveraging the delays, its ignored and increasingly happening and that server defensive prediction is starting to come true - by selectively ignoring the one RFC2821 MUST NOT drop connection mandate and selective using STD10 SHOULD NOT which RFC2119 says is an option, you don't need to follow it. I don't understand why this was changed, and I would very probably deliberatly ignore that MUST NOT drop if I ever had to implement this. When dealing with network connections, a dropping of the network connection can *ALWAYS* happen, so rather than specifying ostrich-like behaviour, the protocol should have been defined to handle this situation gracefully. And it really doesn't matter whether the connection dropped to a network malfunction, endpoint malfunction, attack or an act of self-defence for an unexpectedly long delay or timeout. -Martin ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On 8/29/11 3:36 PM, Peter Saint-Andre wrote: After staring at http://www.rfc-editor.org/errata_search.php?eid=499 for long enough, I finally decided to submit an I-D that is intended to obsolete RFC 2119. I hope that I've been able to update and clarify the text in a way that is respectful of the original. Feedback is welcome. http://www.ietf.org/id/draft-saintandre-2119bis-01.txt Based on the feedback received, I do not plan to pursue further work on that Internet-Draft. However, given that the IETF Secretariat and the RFC Editor team already accept documents that include NOT RECOMMENDED in the RFC 2119 boilerplate, does anyone see harm in verifying the aforementioned erratum? Peter -- Peter Saint-Andre https://stpeter.im/ ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
12.09.2011 18:34, Peter Saint-Andre wrote: On 8/29/11 3:36 PM, Peter Saint-Andre wrote: After staring at http://www.rfc-editor.org/errata_search.php?eid=499 for long enough, I finally decided to submit an I-D that is intended to obsolete RFC 2119. I hope that I've been able to update and clarify the text in a way that is respectful of the original. Feedback is welcome. http://www.ietf.org/id/draft-saintandre-2119bis-01.txt Based on the feedback received, I do not plan to pursue further work on that Internet-Draft. However, given that the IETF Secretariat and the RFC Editor team already accept documents that include NOT RECOMMENDED in the RFC 2119 boilerplate, does anyone see harm in verifying the aforementioned erratum? In strict accordance with http://www.ietf.org/iesg/statement/errata-processing.html this erratum should be Held for Document Update: 5. Typographical errors which would not cause any confusions to implementation or deployments should be Hold for Document Update. 6. Changes which are simply stylistic issues or simply make things read better should be Hold for Document Update. However, as far as the corrected boilerplate is widely used, I think there is no harm in marking it as Verified. Mykyta Yevstifeyev Peter ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
--On Monday, September 12, 2011 09:34 -0600 Peter Saint-Andre stpe...@stpeter.im wrote: On 8/29/11 3:36 PM, Peter Saint-Andre wrote: After staring at http://www.rfc-editor.org/errata_search.php?eid=499 for long enough, I finally decided to submit an I-D that is intended to obsolete RFC 2119. I hope that I've been able to update and clarify the text in a way that is respectful of the original. Feedback is welcome. http://www.ietf.org/id/draft-saintandre-2119bis-01.txt Based on the feedback received, I do not plan to pursue further work on that Internet-Draft. However, given that the IETF Secretariat and the RFC Editor team already accept documents that include NOT RECOMMENDED in the RFC 2119 boilerplate, does anyone see harm in verifying the aforementioned erratum? Sigh. Sorry to make this more complicated but, IMO, the error in 2119 and, to some extent, recent practice, is in permitting RECOMMENDED as a synonym for SHOULD, not in failing to permit its opposite. If one goes back to 2026, there is a fairly clear separation between Technical Specifications and interoperability requirements (terminology for which appears in 2119) and the Requirement levels and conformance requirements of Applicability Statements. Those levels, as specified in Section 3.3 of RFC 2026, are Required, Recommended, Elective, Limited Use, and Not Recommended. According to 2026, those requirement levels in AS documents apply to entire TSs but I think we have sometimes relaxed that a bit into statements about features within a TS. If AS requirement level statements apply only to full TS specifications, the use for RECOMMENDED as a statement about interoperability requirements, synonymous with SHOULD is merely somewhat confusing. If we are going to sometimes have ASs that make statements at the feature level, then it is disastrously so because the same term has an interoperability meaning in one context, a conformance meaning in another, and there may be no reliable way to deduce the difference. To provide an additional focus for this, I've just filed proposed erratum 2969 (http://www.rfc-editor.org/errata_search.php?rfc=2119eid=2969) that reflects the comments above. You now have a choice about which one to approve :-) regards, john ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
John C Klensin wrote: On 8/29/11 3:36 PM, Peter Saint-Andre wrote: http://www.ietf.org/id/draft-saintandre-2119bis-01.txt Based on the feedback received, I do not plan to pursue further work on that Internet-Draft. However, given that the IETF Secretariat and the RFC Editor team already accept documents that include NOT RECOMMENDED in the RFC 2119 boilerplate, does anyone see harm in verifying the aforementioned erratum? Sigh. Sorry to make this more complicated but, IMO, the error in 2119 and, to some extent, recent practice, is in permitting RECOMMENDED as a synonym for SHOULD, not in failing to permit its opposite. ... To provide an additional focus for this, I've just filed proposed erratum 2969 (http://www.rfc-editor.org/errata_search.php?rfc=2119eid=2969) that reflects the comments above. You now have a choice about which one to approve :-) hmm, now I am even more confused!!! Does this mean people could now add this errata reference in their new documents? Does it mean authors SHOULD|MUST remove and stop all usage of RECOMMENDED in their current and future docs? How about an Errata to the Errata? :) -- HLS ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
John, I don't share your confusion. I do feel that to be able to construct reasonably pleasant sentences, we need both the verb SHOULD and the adjectival participle RECOMMENDED, and their negatives, in various circumstances. I could propose an alternative erratum, adding MANDATORY, but I won't; it's NOT MANDATORY to increase confusion. Regards Brian On 2011-09-13 04:41, John C Klensin wrote: --On Monday, September 12, 2011 09:34 -0600 Peter Saint-Andre stpe...@stpeter.im wrote: On 8/29/11 3:36 PM, Peter Saint-Andre wrote: After staring at http://www.rfc-editor.org/errata_search.php?eid=499 for long enough, I finally decided to submit an I-D that is intended to obsolete RFC 2119. I hope that I've been able to update and clarify the text in a way that is respectful of the original. Feedback is welcome. http://www.ietf.org/id/draft-saintandre-2119bis-01.txt Based on the feedback received, I do not plan to pursue further work on that Internet-Draft. However, given that the IETF Secretariat and the RFC Editor team already accept documents that include NOT RECOMMENDED in the RFC 2119 boilerplate, does anyone see harm in verifying the aforementioned erratum? Sigh. Sorry to make this more complicated but, IMO, the error in 2119 and, to some extent, recent practice, is in permitting RECOMMENDED as a synonym for SHOULD, not in failing to permit its opposite. If one goes back to 2026, there is a fairly clear separation between Technical Specifications and interoperability requirements (terminology for which appears in 2119) and the Requirement levels and conformance requirements of Applicability Statements. Those levels, as specified in Section 3.3 of RFC 2026, are Required, Recommended, Elective, Limited Use, and Not Recommended. According to 2026, those requirement levels in AS documents apply to entire TSs but I think we have sometimes relaxed that a bit into statements about features within a TS. If AS requirement level statements apply only to full TS specifications, the use for RECOMMENDED as a statement about interoperability requirements, synonymous with SHOULD is merely somewhat confusing. If we are going to sometimes have ASs that make statements at the feature level, then it is disastrously so because the same term has an interoperability meaning in one context, a conformance meaning in another, and there may be no reliable way to deduce the difference. To provide an additional focus for this, I've just filed proposed erratum 2969 (http://www.rfc-editor.org/errata_search.php?rfc=2119eid=2969) that reflects the comments above. You now have a choice about which one to approve :-) regards, john ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Hi Peter, At 08:34 12-09-2011, Peter Saint-Andre wrote: Based on the feedback received, I do not plan to pursue further work on that Internet-Draft. However, given that the IETF Secretariat and the RFC Editor team already accept documents that include NOT RECOMMENDED in the RFC 2119 boilerplate, does anyone see harm in verifying the aforementioned erratum? One of the properties of a RFC is immutability. In practice, this means that if you make a mistake and invert a bit in your specification, everyone else implementing the specification makes the same mistake. This ensures that implementations interoperate. In the case of NOT RECOMMENDED, as you mentioned, there are documents that include the term and the term is defined in Section 4 of 2119. There is also a note that says that the force of the words is modified by the requirement level of the document. Given that there could be side effects, I suggest considering the erratum as a change. The only harm here is the erratum as it paves the way for different interpretations when it is flagged as verified. Regards, -sm P.S. According to the The Chicago Manual of Style, an erratum is a device to be used only in extreme cases where errors severe enough to cause misunderstanding are detected too late to correct in the normal way but before the finished book is distributed. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
--On Tuesday, September 13, 2011 08:28 +1200 Brian E Carpenter brian.e.carpen...@gmail.com wrote: John, I don't share your confusion. I do feel that to be able to construct reasonably pleasant sentences, we need both the verb SHOULD and the adjectival participle RECOMMENDED, and their negatives, in various circumstances. I could propose an alternative erratum, adding MANDATORY, but I won't; it's NOT MANDATORY to increase confusion. Brian, I don't think this is worth pushing very hard, nor spending a lot of time on. If Peter wants to approve the other (499) erratum in the name of editorial consistency, I will lose exactly zero sleep over it. However, as things have evolved, our goal is apparently to turn the terminology of 2026 and 2119 into very specific terms of art with clear boundaries. Personally, I don't particularly like such efforts. As you know from other discussions, I generally believe that trying to force our increasingly-complex protocols and protocol interactions into rigid categories (whether those are Proposed/ Draft/ Full, MUST/ SHOULD / MAY and their negations, or something else), presumably by the method of Procrustes because nothing else really works, does not serve us well. But, if we are going to do it, then lists of synonyms and near-synonyms for those terms of art really don't help us. Even if use of the specific terms sometimes leads to awkward sentence constructions, so does trying to avoid those terms when they are not appropriate. I note that draft-hansen-nonkeywords-non2119 takes us into the realm of personifying protocols to the extent of talking about what they need to do, a construction that would have given the people who taught me --and probably you-- how to write at least a bad case of the creeps and possible outrage. So, again, if we really intend terms of art, rather than slightly-less-informal prose, I think we would be better off with one term per concept/category and living with it. If we really intend slightly-less-informal prose --which is the way I took the intent of 2119 when it was first written (perhaps erroneously)-- then none of this discussion and the corresponding hair-splitting makes much difference and we should just make 2119 internally consistent and move on. YMMD. john ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On 9/3/2011 7:14 AM, Noel Chiappa wrote: On Tue, 30 Aug 2011, Martin Sustrik wrote: For an implementor it's often pretty hard to decide whether to implement functionality marked as SHOULD given that he has zero context and no idea whether the reason he has for not implementing the feature is at all in line with RFC authors' intentions. For me, I would say that unless the implementor in question has experience in designing protocols, and fairly deep understanding of that particular area, they are not in a position to make a good judgement on whether or not they can ignore a 'SHOULD'. FWIW, IMO SHOULD should only be used in docs when accompanied by a description of a known or suspected exception case. Otherwise it's just a wiggle-word variant of MUST, and there's no point in being vague in a spec. Joe ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
A fundamental fact is that the IETF RFC document models are for a multiple-disciplined environments of people, at least most are writing with a mix view of different audiences.Not too many break it down to different functional vs technical specification levels. A Manager, Docs, Help, Support, Admin person might read SHOULD different in how its applied than perhaps a software/author person in the finer details in the how things work or behave differently than what was interpreted at higher levels. IMV, this is all about good software or component engineering methods, and if one wishes to follow a trend, take a look at industry efforts, such as with Microsoft SE efforts with Code Contracts which is to basically provide a meta language to make sure functional I/O interfaces are well defined especially with well defined exceptions. Here is wikipedia's description of this growing direction with developers that increasingly need all the help they can get in an extreme complex integrated world of Plug and Play pieces: http://en.wikipedia.org/wiki/Design_by_contract The central idea of DbC is a metaphor on how elements of a software system collaborate with each other, on the basis of mutual obligations and benefits. The metaphor comes from business life, where a client and a supplier agree on a contract which defines for example that: o The supplier must provide a certain product (obligation) and is entitled to expect that the client has paid its fee (benefit). o The client must pay the fee (obligation) and is entitled to get the product (benefit). o Both parties must satisfy certain obligations, such as laws and regulations, applying to all contracts. Is there such an ideas for IETF Standards Engineering Implementation Contracts? I think that is what we are trying to do here with RFC2026, RFC2019 all along. But to me, the only way you can even begin this, is for the author to first layout and for the reader to extract what are the minimum requirements of a RFC protocol specification - that is the first CODE CONTRACT anyone can even first thing about. -- John C Klensin wrote: --On Tuesday, September 13, 2011 08:28 +1200 Brian E Carpenter brian.e.carpen...@gmail.com wrote: John, I don't share your confusion. I do feel that to be able to construct reasonably pleasant sentences, we need both the verb SHOULD and the adjectival participle RECOMMENDED, and their negatives, in various circumstances. I could propose an alternative erratum, adding MANDATORY, but I won't; it's NOT MANDATORY to increase confusion. Brian, I don't think this is worth pushing very hard, nor spending a lot of time on. If Peter wants to approve the other (499) erratum in the name of editorial consistency, I will lose exactly zero sleep over it. However, as things have evolved, our goal is apparently to turn the terminology of 2026 and 2119 into very specific terms of art with clear boundaries. Personally, I don't particularly like such efforts. As you know from other discussions, I generally believe that trying to force our increasingly-complex protocols and protocol interactions into rigid categories (whether those are Proposed/ Draft/ Full, MUST/ SHOULD / MAY and their negations, or something else), presumably by the method of Procrustes because nothing else really works, does not serve us well. But, if we are going to do it, then lists of synonyms and near-synonyms for those terms of art really don't help us. Even if use of the specific terms sometimes leads to awkward sentence constructions, so does trying to avoid those terms when they are not appropriate. I note that draft-hansen-nonkeywords-non2119 takes us into the realm of personifying protocols to the extent of talking about what they need to do, a construction that would have given the people who taught me --and probably you-- how to write at least a bad case of the creeps and possible outrage. So, again, if we really intend terms of art, rather than slightly-less-informal prose, I think we would be better off with one term per concept/category and living with it. If we really intend slightly-less-informal prose --which is the way I took the intent of 2119 when it was first written (perhaps erroneously)-- then none of this discussion and the corresponding hair-splitting makes much difference and we should just make 2119 internally consistent and move on. YMMD. john ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Alan Barrett wrote: On Tue, 30 Aug 2011, Martin Sustrik wrote: For an implementor it's often pretty hard to decide whether to implement functionality marked as SHOULD given that he has zero context and no idea whether the reason he has for not implementing the feature is at all in line with RFC authors' intentions. The likelyhood of a SHOULD getting implemented is directly related to its implementation complexity. There are extremely complex protocols (such as PKIX/rfc5280) where implementing all SHOULDs is economically infeasible for many implementations (there are even some MUSTs in the spec that are regularly ignored--and one can hardly blame implementations for it). It's really simple. If an interoperability problem arises from your failure to implement a SHOULD, then it's your fault. Hardly. A protocol spec ought to be architected so that two implementations of only the MUST requirements will still be interoperable, otherwise it is calling for troubles. A should requirement for a communications protocol means that the _other_ end must sensibly (which in many cases implies gracefully) deal with peers that do not implement SHOULDs. -Martin ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
RE: 2119bis
I agree with several who have already voiced objections to obsoleting 2119. On the other hand, a BCP on conformance keyword usage could be useful. In addition to the clarification of the use of SHOULD (that is being discussed at length), I would like to see a clarification of the difference between MUST and metaMUST (or supportMUST or interopMUST) and regular/meta similar terms for SHOULD, MAY, etc. and examples of their use. By that I mean the difference between MUST: When sending a foo message you MUST include the bar TLV metaMUST: All implementations MUST support the bar TLV the latter meaning that bar is not always sent, but if sent it must be properly processed. There is an (AFAIK unwritten) rule about metaMUST, that I believe SHOULD be documented. If the protocol allows several options for doing something, precisely one MUST be a metaMUST, and the others metaMAYs. Note that the MUST in the previous sentence is MUST about the use of a metaMUST, and is this a metametaMUST. I am not sure if the previous SHOULD is a meta^2SHOULD or a meta^3SHOULD. Y(J)S -Original Message- From: ietf-boun...@ietf.org [mailto:ietf-boun...@ietf.org] On Behalf Of Peter Saint-Andre Sent: Tuesday, August 30, 2011 00:37 To: IETF discussion list Subject: 2119bis After staring at http://www.rfc-editor.org/errata_search.php?eid=499 for long enough, I finally decided to submit an I-D that is intended to obsolete RFC 2119. I hope that I've been able to update and clarify the text in a way that is respectful of the original. Feedback is welcome. http://www.ietf.org/id/draft-saintandre-2119bis-01.txt Peter -- Peter Saint-Andre https://stpeter.im/ ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
John C Klensin wrote: --On Wednesday, August 31, 2011 23:10 -0400 Sam Hartman Hmm. Most of the times I use SHOULD I'd expect them to stay SHOULD. SHOULD doesn't mean this feature is desired, it means do this unless you have justification for doing something else. There are a few cases (new algorithms) where you mean SHOULD+ (we'll move to MUST in the future) but often you mean do this unless you're in a constrained environment, or you know you won't need it or something like that. In those cases, SHOULDS tend to stay SHOULDS. +1 Exactly right. Indeed, if I agreed with Eric's view, I'd think we should abolish SHOULD and SHOULD NOT (almost) entirely, replacing them with temporary qualifications for MUST that would convey not quite sure about this yet, but MUST is certainly our intention. Tentative or Provisional, with appropriate IETF-specific definitions, would be two such words. I like those terms, Tentative, Provisional, perhaps also Exploratory, Experimental. But consider, if SHOULD [NOT] was to be abolished, wouldn't MUST [NOT] now be redundant and implied in functional and technical semantics? It seems it will reduce to usages of key words such as: IMPLEMENT, USE, NEGOTIATE, IFF, DON'T, CAPABLE, DEPEND and perhaps PLEASE and their negatives. PLEASE IMPLEMENT X, Y, Z. PLEASE NEGOTIATE for X first and PLEASE USE Y IFF peer implementators are not CAPABLE of Z. IMPLEMENTATION NOTE: PLEASE DON'T DEPEND on X, Y, or Z if peer implementation are not capable of X, Y or Z. Jokes to the side, IMO, I don't see how it would be possible to impose things on implementators deciding on items that are not necessary, overdone, candy and perhaps Pareto's principle comes into play - It works 100% of the time for the minimum required which represents 80% of the total capabilities. The situation here appears to be features in the remaining 20% now become more necessary overtime and in hindsight, we see there are a lot Oops that didn't make those things part of the minimum requirements. Will any future rewording of compliance docs change this or make it better? I don't seem to think so because as we all know, perfection is not possible - we need to have those knobs and switches. Making everything a MUST [NOT] or wording things to steer people to 100% implementation will most like raise the adoption barrier and and we end up relaxing things anyway just to get people to consider an RFC. My opinion. -- HLS ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Michael Richardson wrote: Keith == Keith Moore mo...@network-heretics.com writes: In my view, SHOULD are user protocol options to set. Keith In my view, SHOULD should rarely be used for optional Keith protocol features, because optional protocol features should Keith themselves be rare. And the primary purpose of SHOULD is not Keith to permit optional protocol features. Let me give an example of where I think SHOULD is useful: a TLS end-point SHOULD verify the received certificate against a trusted anchor. Removing this requirement in SMTP-TLS has meant that we now have opportunistically encrypted email transmission. It makes sense for the TLS library to have this option. In a web browser, the same SHOULD is much more controversial. Some TLS libraries have this as a MUST, and there is all sorts of trouble for people implementing other protocols or authentication mechanisms over TLS. +1 The issue here, in my technical opinion, is the difference in the functionality. With HTTP, you have the design ergonomics options for interactive I/O with the user to allow the user (giving him the benefit of doubts) to decide. With SMTP, it is inherently designed for automated decisions. I guess one can suggest it is technically possible by having user decisions predefined. But for SMTP-TLS, we have a chicken and egg design problem - what comes first the SYSTEM or the USER? SMTP-TLS is decided before the USER is known, but is not inconceivable to have a belated automated SMTP-TLS state decision made until the target user is known. -- HLS ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On Tue, 30 Aug 2011, Martin Sustrik wrote: For an implementor it's often pretty hard to decide whether to implement functionality marked as SHOULD given that he has zero context and no idea whether the reason he has for not implementing the feature is at all in line with RFC authors' intentions. It's really simple. If an interoperability problem arises from your failure to implement a SHOULD, then it's your fault. --apb (Alan Barrett) ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Alan Barrett wrote: On Tue, 30 Aug 2011, Martin Sustrik wrote: For an implementor it's often pretty hard to decide whether to implement functionality marked as SHOULD given that he has zero context and no idea whether the reason he has for not implementing the feature is at all in line with RFC authors' intentions. It's really simple. If an interoperability problem arises from your failure to implement a SHOULD, then it's your fault. Even when dealing with backward compatibility requirements when the author adds a SHOULD in spec v2.0 that was never there before in spec v1.0? It is not just about the implementor not supporting a new v2.0 SHOULD option, but there could be v1.0 implementator that isn't going to use these feature and will never happen - the same repercussions as if the v2.0 implementator choose to not implement it or turn it on. You can't break down if an implementator don't know, doesn't implement or implements but it is turned off. Maybe we need a NO-FAULT-SHOULD keyword? :-) -- HLS ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Sam Hartman wrote: Eric == Eric Burger ebur...@standardstrack.com writes: Eric This highlights an interesting issue as an RFC goes from PS to Eric IS. I would offer that most SHOULDs in a document will, if Eric there are real implementations out there, migrate to MUST or Eric MUST NOT. Eric On Aug 31, 2011, at 9:57 AM, hector wrote: Hmm. Most of the times I use SHOULD I'd expect them to stay SHOULD. SHOULD doesn't mean this feature is desired, it means do this unless you have justification for doing something else. There are a few cases (new algorithms) where you mean SHOULD+ (we'll move to MUST in the future) but often you mean do this unless you're in a constrained environment, or you know you won't need it or something like that. In those cases, SHOULDS tend to stay SHOULDS. +1. Eric, I was referring to the implementation level where one can afford to make streamlining decisions overtime when options become stable and never change its state. It can be removed to make things easier out of the box, but I would not not propose it as a spec change. Beside the obvious backward compatibilities issue, changes can be leverage to perform different functional needs than what was not the original intent. One real example is with SMTP just recently realized how a SHOULD to MUST change has been leveraged. STD10 has a SHOULD NOT drop connection before QUIT negotiated, changed in RFC2821 (now RFC5321) to a MUST NOT. We are observing a lost of CPU idle time and resources (channels) consumption with anonymous clients intentionally holding connections open while for additional mail transactions to arrive and send. The only receiver defense to control the abuse is to violate RFC5321 by dropping the client after the first transaction. Note: No intent to highlight this issue, just an example of changing a SHOULD to a MUST not necessarily due to long term stabilization, but for new functional needs have repercussions. -- HLS ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
--On Wednesday, August 31, 2011 23:10 -0400 Sam Hartman hartmans-i...@mit.edu wrote: Eric == Eric Burger ebur...@standardstrack.com writes: Eric This highlights an interesting issue as an RFC goes from PS to Eric IS. I would offer that most SHOULDs in a document will, if Eric there are real implementations out there, migrate to MUST or Eric MUST NOT. Eric On Aug 31, 2011, at 9:57 AM, hector wrote: Hmm. Most of the times I use SHOULD I'd expect them to stay SHOULD. SHOULD doesn't mean this feature is desired, it means do this unless you have justification for doing something else. There are a few cases (new algorithms) where you mean SHOULD+ (we'll move to MUST in the future) but often you mean do this unless you're in a constrained environment, or you know you won't need it or something like that. In those cases, SHOULDS tend to stay SHOULDS. +1 Exactly right. Indeed, if I agreed with Eric's view, I'd think we should abolish SHOULD and SHOULD NOT (almost) entirely, replacing them with temporary qualifications for MUST that would convey not quite sure about this yet, but MUST is certainly our intention. Tentative or Provisional, with appropriate IETF-specific definitions, would be two such words. Note that this loops back to the the discussion about conformance and certification. The standards bodies whose principal concerns about about conformance and certification cannot use what we call SHOULD because one cannot build a conformance test around a case that might have exceptions, especially exceptions that are not completely enumerated. They can, and do, use what we periodically describe with language like MUST implement but are not required to configure in operation (and, to add to the confusion, sometimes call that SHOULD use), but the conformance test then checks only for the implementation and, perhaps, for the presence of the knob. john ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On Tue, 30 Aug 2011, Martin Sustrik wrote: For an implementor it's often pretty hard to decide whether to implement functionality marked as SHOULD given that he has zero context and no idea whether the reason he has for not implementing the feature is at all in line with RFC authors' intentions. For me, I would say that unless the implementor in question has experience in designing protocols, and fairly deep understanding of that particular area, they are not in a position to make a good judgement on whether or not they can ignore a 'SHOULD'. Noel ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Noel Chiappa wrote: For me, I would say that unless the implementor in question has experience in designing protocols, and fairly deep understanding of that particular area, they are not in a position to make a good judgement on whether or not they can ignore a 'SHOULD'. True Noel, but the author has to be aware that he might not get what it wants. See RFC2119 Section 6. SHOULD really shines in protocols that are updated. For example: X1 is in original Protocol v1.0 MUST USE X1 For protocol v2.0, X2 is a improved version of X1. SHOULD USE X2 IF POSSIBLE, IF NOT MUST USE X1 Its the same as saying MUST USE X2 first or X1 as a fallback Implementors using Protocol v2.0 will use X2, if it wants to because it can use X1. You have no control over this. X2 can be an improved version the operator doesn't like. He likes X1. Legacy Implementors using Protocol v1.0 doesn't known anything about X2 so it will naturally use X1. On the only had, you have can have: Protocol v1.0 with X1 with Protocol V2.0 X1 and X2. The protocol v2.0 implementor may not be able to do X2 unless it knows the other side is protocol v2.0 ready. It all depends - it can have an auto-negotiation for the highest X version or one that is disabled too. In all cases, The end points must not break down when one or the other lacks X2 support. Make sense? -- HLS ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Hi - From: Hector sant9...@gmail.com Cc: ietf@ietf.org Sent: Saturday, September 03, 2011 7:52 AM Subject: Re: 2119bis ... For protocol v2.0, X2 is a improved version of X1. SHOULD USE X2 IF POSSIBLE, IF NOT MUST USE X1 Its the same as saying MUST USE X2 first or X1 as a fallback ... No, those two formulations mean different things. If the first SHOULD were a MUST, then they'd be close but still not equivalent. Randy ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
RE: 2119bis
-Original Message- From: ietf-boun...@ietf.org [mailto:ietf-boun...@ietf.org] On Behalf Of Alan Barrett Sent: Saturday, September 03, 2011 12:20 AM To: IETF Discussion Subject: Re: 2119bis It's really simple. If an interoperability problem arises from your failure to implement a SHOULD, then it's your fault. +1, and very well said. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
RE: 2119bis
-Original Message- From: ietf-boun...@ietf.org [mailto:ietf-boun...@ietf.org] On Behalf Of John C Klensin Sent: Saturday, September 03, 2011 6:00 AM To: Sam Hartman; Eric Burger Cc: IETF discussion list Subject: Re: 2119bis Note that this loops back to the the discussion about conformance and certification. The standards bodies whose principal concerns about about conformance and certification cannot use what we call SHOULD because one cannot build a conformance test around a case that might have exceptions, especially exceptions that are not completely enumerated. They can, and do, use what we periodically describe with language like MUST implement but are not required to configure in operation (and, to add to the confusion, sometimes call that SHOULD use), but the conformance test then checks only for the implementation and, perhaps, for the presence of the knob. We do have a few RFCs that have a subsection called Conformance Requirements or something close to it. Section 3 of RFC3464 comes to mind, and it's not that old. I take it the current posture in the IETF is that such things are actually a bad idea, or at least not something we encourage? For especially large or complex protocol documents, it might not be a bad idea to have all the MUSTs, SHOULDs and MAYs enumerated in one place as a summary for implementers to use as a checklist, and they can then consult the rest of the document for the details about how to implement each point. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
- Original Message - From: George Willingmyre g...@gtwassociates.com To: Mykyta Yevstifeyev evniki...@gmail.com; ietf@ietf.org Sent: Thursday, September 01, 2011 4:00 PM Subject: Re: 2119bis While we are on the topic of definitions I hoped to stimulate thinking and we can reach the conclusion that best meets our needs. The source parent document is at the URL on the ANSI web site http://publicaa.ansi.org/sites/apdl/Documents/Standards%20Activities/Internation al%20Standardization/ISO/ISO_IEC_Directives_Part2.pdf ISO/IEC Directives, Part 2 Rules for the structure and drafting of International Standards tp And .. They have their terms in Appendix H, and while we agree on MUST/SHALL, we disagree on SHOULD; ISO IEC have a much weaker interpretation of 'should' than the IETF. No doubt it works for them as ours does for us. Tom Petch /tp George T. Willingmyre, P.E. President, GTW Associates Spencerville, MD USA 20868 301.421.4138 www.gtwassociates.com - Original Message - From: Mykyta Yevstifeyev To: ietf@ietf.org Sent: Thursday, September 01, 2011 9:48 AM Subject: Re: 2119bis ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
RE: 2119bis
-Original Message- From: ietf-boun...@ietf.org [mailto:ietf-boun...@ietf.org] On Behalf Of Hector Sent: Thursday, September 01, 2011 5:56 PM To: Michael StJohns Cc: IETF Discussion Subject: Re: 2119bis Good points, but the subtleties are too wide spread to generalize, especially dealing with integrated protocols and now there are boundary layers related issues. For example: DKIM MUST|SHOULD|MAY validate its input stream for illegal multiple 8222.From fields because this has been shown to cause a potential security exploit. [...] So this protracted (and, in my view, hijacked) sound-and-fury thread about concerns with interpretation of RFC2119 and the rough consensus process, and hints about an activist Area Director, is really just a platform to vent your frustration with a decision made in a working group where you were in the minority? The issue to which you're referring closed months ago. After a long battle, some compromise text was reached that included some of what you advocated, which during IESG evaluation drew a DISCUSS and it was rolled back before being approved for publication. This is all recorded in the archives. It really is time to move on. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
I take a offense to your blabbing which just puts people on the defensive. The fact is, your are incorrect in your continue personalization. The topic includes examples of problems where this RFC2119Bis enforcement is being sort, which quite frankly, you have been very much been part of that push. I do understand why you want everyone to upgrade their software to meet your needs, but you seem to lack the understanding that you just can't do it the way you want to, hence why there are delays in your publication, and DKIM is still an accident waiting to happen. Ciao Murray S. Kucherawy wrote: -Original Message- From: ietf-boun...@ietf.org [mailto:ietf-boun...@ietf.org] On Behalf Of Hector Sent: Thursday, September 01, 2011 5:56 PM To: Michael StJohns Cc: IETF Discussion Subject: Re: 2119bis Good points, but the subtleties are too wide spread to generalize, especially dealing with integrated protocols and now there are boundary layers related issues. For example: DKIM MUST|SHOULD|MAY validate its input stream for illegal multiple 8222.From fields because this has been shown to cause a potential security exploit. [...] So this protracted (and, in my view, hijacked) sound-and-fury thread about concerns with interpretation of RFC2119 and the rough consensus process, and hints about an activist Area Director, is really just a platform to vent your frustration with a decision made in a working group where you were in the minority? The issue to which you're referring closed months ago. After a long battle, some compromise text was reached that included some of what you advocated, which during IESG evaluation drew a DISCUSS and it was rolled back before being approved for publication. This is all recorded in the archives. It really is time to move on. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Eric == Eric Burger ebur...@standardstrack.com writes: Eric This highlights an interesting issue as an RFC goes from PS to Eric IS. I would offer that most SHOULDs in a document will, if Eric there are real implementations out there, migrate to MUST or Eric MUST NOT. Eric On Aug 31, 2011, at 9:57 AM, hector wrote: Hmm. Most of the times I use SHOULD I'd expect them to stay SHOULD. SHOULD doesn't mean this feature is desired, it means do this unless you have justification for doing something else. There are a few cases (new algorithms) where you mean SHOULD+ (we'll move to MUST in the future) but often you mean do this unless you're in a constrained environment, or you know you won't need it or something like that. In those cases, SHOULDS tend to stay SHOULDS. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Murray S. Kucherawy wrote: Ditto. And I also see a lot of creative interpretation. There's little we can do to thwart any of those problems; some people read what they want to read and do so in a vacuum. +1. I couldn't agree with you more Murray! When you consider that its not very hard to find mainstream software, or even the one they are using to post mail in the list using well established IETF protocols that follows RFC2119 to the letter, it makes you wonder if there really a problem with RFC2119. I mean, I don't see it myself. It reads pretty clear to me, especially section 6 with that precise non-ambiguous sentence. 6. Guidance in the use of these Imperatives Imperatives of the type defined in this memo must be used with care and sparingly. In particular, they MUST only be used where it is actually required for interoperation or to limit behavior which has potential for causing harm (e.g., limiting retransmisssions) For example, they must not be used to try to impose a particular method on implementors where the method is not required for interoperability. That last sentence is so clear. Maybe the error is not using an uppercase MUST NOT and NOT REQUIRED in that last sentence. Maybe software people need logic statements like: If X doesn't need Y, then MUST NOT use SHOULD to impose Y. Honestly, this is like in the DKIM WG where DKIM tried to impose the SMTP extension 8BITMIME on SMTP servers with a SHOULD keyword. DKIM tried to make that a MUST but the DKIM WG rejected it, I guess because too many SMTP servers did not support 8BITMIME and it wasn't really required. I think one person had a problem or something like that and because of them, DKIM wanted to force 8BITMIME on SMTP Servers. So instead the DKIM WG was yelled at for being RFC2119 illiterates because DKIM didn't need a MUST anyway a SHOULD was enough to mandate 8BITMIME and any SMTP server that didn't support 8BITMIME was broken already. So the question here is: Does DKIM need 8BITMIME in order to work correctly? DKIM seems to be working fine without it. I will say that I don't agree that there isn't much anyone can do to thwart these problems. You really can by just sticking to engineering conviction and point out which misinterpretations of RFC2119 can cause some serious problems, like with SMTP! STD10 (RFC821) has a SHOULD NOT drop connection before QUIT is negotiated, and it was changed in RFC2821 to a MUST NOT. I guess RFC2119, released during DRUMS, was misread to help provide the rational that a SHOULD NOT is really not an option so why not make it a MUST NOT? After all there is really no valid reason for not a client not to seen a QUIT and all those clients that don't are broken! But look at that Current Standard STD10 SHOULD to Proposed Standard MUST did! Receivers now are forced to wait for the client to hangup for upto 5 minutes and this allowed smart clients to leverage this delay to hold the remote host connection to wait for more mail to send. Is that a problem? Well, maybe not, but those smart clients seem to think so warning client operators to: - Use it Wisely, - Seek Remote Host permission to consume computer resources - Do no hold the server too long - Its considered Anti-Social, and - even foretold that is abuse remote hosts, they might begin to drop you and block you! Even with all those warnings from the smart clients leveraging the delays, its ignored and increasingly happening and that server defensive prediction is starting to come true - by selectively ignoring the one RFC2821 MUST NOT drop connection mandate and selective using STD10 SHOULD NOT which RFC2119 says is an option, you don't need to follow it. Its frustrating I must admit when people read RFC2119 with creative interpretations to do things it doesn't what you to do! -- HLS ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On Sep 1, 2011, at 2:58 AM, Hector wrote: 6. Guidance in the use of these Imperatives Imperatives of the type defined in this memo must be used with care and sparingly. In particular, they MUST only be used where it is actually required for interoperation or to limit behavior which has potential for causing harm (e.g., limiting retransmisssions) For example, they must not be used to try to impose a particular method on implementors where the method is not required for interoperability. That last sentence is so clear. Maybe the error is not using an uppercase MUST NOT and NOT REQUIRED in that last sentence. Maybe software people need logic statements like: I actually think that the last sentence is overbroad. There are other defensible reasons to use the 2119 keywords than those enumerated in the document. And those words can be (and have been) interpreted in such a way as to compel working groups to fail to make design choices, and to permit too many alternative choices in implementations. Keith ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
I offer for consideration in the attachment the ISO and IEC requirements for use of the terms Shall ; Shall not; Should; Should not ; May; Need not ; Can'; Cannot in ISO and IEC standards. This document explains why ISO/IEC selects Shall and Shall not rather than Must and Must not to denote mandatory requirements. Do not use must as an alternative for shall. (This will avoid any confusion between the requirements of a document and external statutory obligations.) It is in the interests of IETF to contemplate and perhaps reference this ISO/IEC document somehow in our definition of the terms below 2.1. MUST . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.2. MUST NOT . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.3. SHOULD . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.4. SHOULD NOT . . . . . . . . . . . . . . . . . . . . . . . . 4 2.5. MAY . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 George T. Willingmyre, P.E. President, GTW Associates Spencerville, MD USA 20868 301.421.4138 www.gtwassociates.com Directives, Part 2, Annex H.PDF Description: Adobe PDF document ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
George, We currently use MUST in regular cases and SHALL when we either want not to create confusion where non-normative must is used or for aesthetic reasons, eg. to make a requirement look not so strict as MUST implies (even though formally they both have similar force). I personally use SHALL when I mean it is to be so and not strict it is mandatory and obligatory and compulsory and ... to be so. CAN and CANNOT are an interesting idea, but they have little in common with conformance. Current 2119 language, as primarily used in http://tools.ietf.org/html/rfc1123#page-11, was intended to clear up the requirements on support of particular feature(s). Yes, it is sometimes desired to express possibility and allowance, but IMO simple can and cannot are fine for this purpose. I don't actually think Annex H of I don't know what since you're providing only part of it should be referenced in 2119bis. Mykyta Yevstifeyev 01.09.2011 16:17, George Willingmyre wrote: I offer for consideration in the attachment the ISO and IEC requirements for use of the terms Shall ; Shall not; Should; Should not ; May; Need not ; Can'; Cannot in ISO and IEC standards. This document explains why ISO/IEC selects Shall and Shall not rather than Must and Must not to denote mandatory requirements. Do not use must as an alternative for shall. (This will avoid any confusion between the requirements of a document and external statutory obligations.) It is in the interests of IETF to contemplate and perhaps reference this ISO/IEC document somehow in our definition of the terms below 2.1. MUST . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.2. MUST NOT . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.3. SHOULD . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.4. SHOULD NOT . . . . . . . . . . . . . . . . . . . . . . . . 4 2.5. MAY . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 George T. Willingmyre, P.E. President, GTW Associates Spencerville, MD USA 20868 301.421.4138 www.gtwassociates.com ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
While we are on the topic of definitions I hoped to stimulate thinking and we can reach the conclusion that best meets our needs. The source parent document is at the URL on the ANSI web site http://publicaa.ansi.org/sites/apdl/Documents/Standards%20Activities/International%20Standardization/ISO/ISO_IEC_Directives_Part2.pdf ISO/IEC Directives, Part 2 Rules for the structure and drafting of International Standards George T. Willingmyre, P.E. President, GTW Associates Spencerville, MD USA 20868 301.421.4138 www.gtwassociates.com - Original Message - From: Mykyta Yevstifeyev To: ietf@ietf.org Sent: Thursday, September 01, 2011 9:48 AM Subject: Re: 2119bis George, We currently use MUST in regular cases and SHALL when we either want not to create confusion where non-normative must is used or for aesthetic reasons, eg. to make a requirement look not so strict as MUST implies (even though formally they both have similar force). I personally use SHALL when I mean it is to be so and not strict it is mandatory and obligatory and compulsory and ... to be so. CAN and CANNOT are an interesting idea, but they have little in common with conformance. Current 2119 language, as primarily used in http://tools.ietf.org/html/rfc1123#page-11, was intended to clear up the requirements on support of particular feature(s). Yes, it is sometimes desired to express possibility and allowance, but IMO simple can and cannot are fine for this purpose. I don't actually think Annex H of I don't know what since you're providing only part of it should be referenced in 2119bis. Mykyta Yevstifeyev 01.09.2011 16:17, George Willingmyre wrote: I offer for consideration in the attachment the ISO and IEC requirements for use of the terms Shall ; Shall not; Should; Should not ; May; Need not ; Can'; Cannot in ISO and IEC standards. This document explains why ISO/IEC selects Shall and Shall not rather than Must and Must not to denote mandatory requirements. Do not use must as an alternative for shall. (This will avoid any confusion between the requirements of a document and external statutory obligations.) It is in the interests of IETF to contemplate and perhaps reference this ISO/IEC document somehow in our definition of the terms below 2.1. MUST . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.2. MUST NOT . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.3. SHOULD . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.4. SHOULD NOT . . . . . . . . . . . . . . . . . . . . . . . . 4 2.5. MAY . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 George T. Willingmyre, P.E. President, GTW Associates Spencerville, MD USA 20868 301.421.4138 www.gtwassociates.com ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf -- ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Mykyta says... I personally use SHALL when I mean it is to be so and not strict it is mandatory and obligatory and compulsory and ... to be so. But, see, this is exactly the sort of problem we're talking about. You make some sort of semantic (not just stylistic) distinction between MUST and SHALL. Yet RFC 2119 does not; it defines them as synonyms. In a document that uses these terms according to RFC 2119, they mean exactly the same thing, and they are interchangeable. Barry ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
01.09.2011 17:29, Barry Leiba wrote: Mykyta says... I personally use SHALL when I mean it is to be so and not strict it is mandatory and obligatory and compulsory and... to be so. But, see, this is exactly the sort of problem we're talking about. You make some sort of semantic (not just stylistic) distinction between MUST and SHALL. Yet RFC 2119 does not; it defines them as synonyms. In a document that uses these terms according to RFC 2119, they mean exactly the same thing, and they are interchangeable. Yes, you're right - they both have similar force. But SHALL *looks* like being a bit more lightweight variant of MUST; whereas we differentiate how they'll be perceived by the human reader, SHALL still means that the implementor is obliged to what it is applied to. I mean only stylistic distinction here. Mykyta Barry ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
I do not believe there is any need to change RFC 2119. Thanks, Donald =  Donald E. Eastlake 3rd  +1-508-333-2270 (cell)  155 Beaver Street, Milford, MA 01757 USA  d3e...@gmail.com On Wed, Aug 31, 2011 at 9:28 AM, Scott O. Bradner s...@harvard.edu wrote: I've been traveling so have not had a chance to do anything but watch the discussion on a RFC 2119 update. a few thoughts 1/ I am far from convinced that there is a need to update RFC 2119    there is a bug in the boilerplate (as has been mentioned)    and some people seem to have a hard time understanding what    (to me) seem like clear descriptions of (for example) MUST    SHOULD - but the issues do not seem serious enough to warrant    replacing what is, basically, a simple dictionary usage    constraint 2/ it seems like a very Bad Idea to move 2119 to historic- we move   RFCs to historic when no one uses them or when they are a Bad   Idea in light of updated technology - I do not think that makes   much sense in this case - in addition it makes the status of RFCs   that have a normative reference to a historic document a bit   funky - if an update is actually needed there is no reason that   I can come up with that it could not just be that -- an update 3/ I doubt that I'll ever catch up with Postel as the most referenced   RFC author so that is not a consideration (for me) I wrote RFC 2119 (most using text from RFC 1122) because people were using MUST without saying what they meant, an update, if people think that one is actually needed, will serve that purpose as well as 2119 has. When I posted the original ID it was pointed out that I should also address when such terms should be used (i.e. try to limit the use to where it actually made sense protocol-wise) - I tried to do that but that part may not have been as successful as it might have been - any update might try to be clearer in this area that RFC 2119 is. Scott ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On 9/1/2011 7:49 AM, Donald Eastlake wrote: I do not believe there is any need to change RFC 2119. ... On Wed, Aug 31, 2011 at 9:28 AM, Scott O. Bradners...@harvard.edu wrote: ... 1/ I am far from convinced that there is a need to update RFC 2119 Predictably, the draft has prompted quite a few postings that seem to be intent on re-inventing a core portion of the IETF documentation mechanism. Folks should remember that this is a system that has been functioning quite well for some decades and I am not aware of any recent emergencies that justify starting over or making major changes. The policy when seeking to change an established, essential, well-running systems is to make as /few/ changes as possible, not as /many/... Ideally, this means making no changes at all, of course. That is, any proposal for a change MUST explain why the change is /essential/. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
I think the focus should be on Minimum Implementation Requirements to even make a protocol in the first place. IMV, this will help separate the ambiguity. It helps the author and implementator keep the eye on the prize - communications. Just consider, open RFC2119[bis] and I don't think you will even find the word MINIMUM. This is why I always viewed RFC 1123 as the Holy Bible because it did just that with its Minimum Requirements focus for many of the internet hosting protocols. Its what help John produce RFC2821 and probably why SMTP is very successful. IMV, this is missing in many of the RFCs I read that gets twisted from over time, and worst, when items are thrown in at the last minute (last call). -- HLS Barry Leiba wrote: Mykyta says... I personally use SHALL when I mean it is to be so and not strict it is mandatory and obligatory and compulsory and ... to be so. But, see, this is exactly the sort of problem we're talking about. You make some sort of semantic (not just stylistic) distinction between MUST and SHALL. Yet RFC 2119 does not; it defines them as synonyms. In a document that uses these terms according to RFC 2119, they mean exactly the same thing, and they are interchangeable. Barry ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Keith Moore wrote: On Sep 1, 2011, at 2:58 AM, Hector wrote: 6. Guidance in the use of these Imperatives Imperatives of the type defined in this memo must be used with care and sparingly. In particular, they MUST only be used where it is actually required for interoperation or to limit behavior which has potential for causing harm (e.g., limiting retransmisssions) For example, they must not be used to try to impose a particular method on implementors where the method is not required for interoperability. That last sentence is so clear. Maybe the error is not using an uppercase MUST NOT and NOT REQUIRED in that last sentence. Maybe software people need logic statements like: I actually think that the last sentence is overbroad. There are other defensible reasons to use the 2119 keywords than those enumerated in the document. And those words can be (and have been) interpreted in such a way as to compel working groups to fail to make design choices, and to permit too many alternative choices in implementations. Keith Keith, I feel ya. I once presented a paper at a trade conference presenting the idea of: Cooperative Competition (COCOMP) It touch based with the growing industry of competitors trying to work well around new standards of communications. The issue of alternative choices in implementations was becoming harder to support, more complex, etc. Especially on the mail side which was rapidly changing and each adding their own twist or proprietary feature that added value to their product lines. COCOMP proposed the central idea that there are ways to have your cake and eat it as long as we have: a) A understanding of minimum standard requirements that NO ONE can twist and turn, and b) and also offer added value, if you wish, using a standard method to extend your offerings for implementators to follow, if they want. The MUST and the SHOULD|MAYs. So the issues we see here has always been the case and you can't avoid them. When you have technology leaders that many follow, you have to be careful that quite often they offer extensions that only apply to their product line. That is what that last sentence pretty much touches base with, its a great insight of the realities of dealing with different implementators. I think Cooperative Competition is the name of game here. Its why all the vendors get together, that compete in the market place, but we hopefully cooperative for a common goal. RFC2119 needs to focus on establishing the minimum conformance requirements for a protocol or a suite of protocols yet we need to understand that not everything is required or need to be imposed across the board because its not just about one mainstream vendor or technology leader interest but the entire community interest. I can't impose my product features on anyone and its not proper for another vendor to impose its wishes on others. Even if they feel its for the Common Goal not everyone is going to agree its a All or Nothing concept. -- HLS ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On Sep 1, 2011, at 7:49 AM, Donald Eastlake wrote: I do not believe there is any need to change RFC 2119. +1 Bob Thanks, Donald = Donald E. Eastlake 3rd +1-508-333-2270 (cell) 155 Beaver Street, Milford, MA 01757 USA d3e...@gmail.com On Wed, Aug 31, 2011 at 9:28 AM, Scott O. Bradner s...@harvard.edu wrote: I've been traveling so have not had a chance to do anything but watch the discussion on a RFC 2119 update. a few thoughts 1/ I am far from convinced that there is a need to update RFC 2119 there is a bug in the boilerplate (as has been mentioned) and some people seem to have a hard time understanding what (to me) seem like clear descriptions of (for example) MUST SHOULD - but the issues do not seem serious enough to warrant replacing what is, basically, a simple dictionary usage constraint 2/ it seems like a very Bad Idea to move 2119 to historic- we move RFCs to historic when no one uses them or when they are a Bad Idea in light of updated technology - I do not think that makes much sense in this case - in addition it makes the status of RFCs that have a normative reference to a historic document a bit funky - if an update is actually needed there is no reason that I can come up with that it could not just be that -- an update 3/ I doubt that I'll ever catch up with Postel as the most referenced RFC author so that is not a consideration (for me) I wrote RFC 2119 (most using text from RFC 1122) because people were using MUST without saying what they meant, an update, if people think that one is actually needed, will serve that purpose as well as 2119 has. When I posted the original ID it was pointed out that I should also address when such terms should be used (i.e. try to limit the use to where it actually made sense protocol-wise) - I tried to do that but that part may not have been as successful as it might have been - any update might try to be clearer in this area that RFC 2119 is. Scott ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On 30 August 2011 10:05, Eliot Lear wrote: There are literally thousands of documents (not only RFCs, also W3C standards, etc.) with normative references to RFC 2119 (sic!) instead of BCP 14, and I see no compelling reason to render these references as historic. On the basis of this logic we wouldn't be able to supercede any of our key RFCs. If there are compelling reasons to fix a BCP somehow, as it was the case when the Trust was created and the IPR issues were fixed, it was obviously possible to create tons of new BCPs updating old BCPs. Maybe RFC 2119 has enough valid (= verified + 499) errata for an update. OTOH many folks here agree that it should be kept as is, because folks here do not agree *how* to fix it, e.g., nobody proposed to fix only the errata, and they also don't agree *what*, if anything (excl. errata), is broken. Maybe Peter can propose a completely new mustard RFC as a kind of process experiment, where authors are free to use this new RFC to define their mustard, or stick to RFC 2119 cum errata. It was never REQUIRED to use RFC 2119 terminology, when authors don't like it and have other ideas. I recall how hard it was to switch RFC 5321 from some proprietary terminology in RFC 2821 to the common RFC 2119 terminology, when the author mumbled about the consensus of some prehistoric WG, which apparently decided that it is a good idea to *copy* RFC 2119 definitions instead of simply reference RFC 2119. By popular demand RFC 5321 got this right. How about trying an updates 2119 and status BCP, where BCP 14 then consists of 2119 and 2119bis, and old RFC 2119 references are still okay as is. What ends up happening, then, is that we need Internet lawyers to traipse through references. Â I challenge you or anyone else here to list all the process RFCs that update RFC 2026. That's simple, I know how to find Brian's [PROCDOCS], and there I'd find all inhabitants of this zoo... Â Let's not repeat that fiasco with 2119. ...okay, I certainly don't insist on it. But as long as nobody offers to fix only the errata in 2119bis anything more ambitious should leave RFC 2119 alone, no obsoleted by and no historic. -Frank ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On 30 August 2011 11:14, Mykyta Yevstifeyev wrote: I would rather object to making RFC 2119 Historic; I remember RFC 2026 discusses such case (probably Section 6.3, which is also applicable to BCPs). Â So, the following change is necessary: Abstract and Introduction (similar text). Â OLD: If approved, this document obsoletes RFC 2119 and changes its status to Historic.; NEW: This document obsoletes RFC 2119. That's better, but otherwise still near to second worst proposal. RFC 2026 section 5.1 does not mention 6.3 (revising), it mentions 6.4 (retiring). If Peter creates a new RFC (independent of 2119), and it turns out that everybody prefers the new RFC, then the old RFC 2119 should be retired. But as noted by Eliot, of course I have no idea if this part of RFC 2026 happens to be one of the few things that are still valid, I only know where I'd find the updates if I'd need to find them. This 2119 rathole is a major distraction from various Last Calls, hopefully the IESG has good filters to find Last Call comments on this list. -Frank ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Hi Dave - Mostly I think 2119 works well. But there are some interesting places where I believe it doesn't and the interpretation of SHOULD is smack dab in the middle of those places. There are at least two different classes of things where SHOULD can be applied: behavior and feature. The feature SHOULD tends to have less to quibble about - An SMTP server SHOULD implement DKIM and 8BITMIME - and tends not so much to need an UNLESS clause. The behavior SHOULD absent a description of the UNLESS clause tends to have a bit more downside: A DNSSEC aware recursive resolver SHOULD set the CD bit in an upstream query vs either A DNSSEC aware recursive resolver MUST set the CD bit in an upstream query or A DNSSEC aware recursive resolver SHOULD set the CD bit in an upstream query UNLESS specifically configured by policy not to That's just an example I'm particularly aware of (and the specific language has a few more clauses). I wouldn't suggest that 2119 become historical - there are way too many documents dependent upon it. But we've cycled the IPR boiler plate numerous times and required that new documents update to new standards. Having a replacement for 2119 specifically include a discussion of an UNLESS clause associated with SHOULD and replacing the pointer in new documents may actually improve the quality of our documents. And I can't believe you said and this is the way we've always done it as justification... :-) Mike At 11:10 AM 9/1/2011, Dave CROCKER wrote: On 9/1/2011 7:49 AM, Donald Eastlake wrote: I do not believe there is any need to change RFC 2119. ... On Wed, Aug 31, 2011 at 9:28 AM, Scott O. Bradners...@harvard.edu wrote: ... 1/ I am far from convinced that there is a need to update RFC 2119 Predictably, the draft has prompted quite a few postings that seem to be intent on re-inventing a core portion of the IETF documentation mechanism. Folks should remember that this is a system that has been functioning quite well for some decades and I am not aware of any recent emergencies that justify starting over or making major changes. The policy when seeking to change an established, essential, well-running systems is to make as /few/ changes as possible, not as /many/... Ideally, this means making no changes at all, of course. That is, any proposal for a change MUST explain why the change is /essential/. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Michael StJohns wrote: There are at least two different classes of things where SHOULD can be applied: behavior and feature. The feature SHOULD tends to have less to quibble about - An SMTP server SHOULD implement DKIM and 8BITMIME - and tends not so much to need an UNLESS clause. The behavior SHOULD absent a description of the UNLESS clause tends to have a bit more downside: A DNSSEC aware recursive resolver SHOULD set the CD bit in an upstream query vs either A DNSSEC aware recursive resolver MUST set the CD bit in an upstream query or A DNSSEC aware recursive resolver SHOULD set the CD bit in an upstream query UNLESS specifically configured by policy not to That's just an example I'm particularly aware of (and the specific language has a few more clauses). Good points, but the subtleties are too wide spread to generalize, especially dealing with integrated protocols and now there are boundary layers related issues. For example: DKIM MUST|SHOULD|MAY validate its input stream for illegal multiple 8222.From fields because this has been shown to cause a potential security exploit. or you can pass the buck in the name of fast tracking PS to IS, cross the border with this concept: SMTP Receivers MUST|SHOULD|MUST check for valid RFC5322 input before feeding the stream to DKIM. Some people view this as a boundary layer problem, others don't. Some people (like me) see it a major security problem that negates DKIM goals hence from an Software Engineering, Black Box IN/OUT concept, believe DKIM has responsibility to validate its key input fields especially when DKIM already had a strong security related mandate: DKIM MUST hash-bind the 5322.FROM header to the signature. And it is an RFC5322 violation to have two or more 5322.FROM fields. But some believe its a boundary layer issue, don't believe its a responsibility for security-based protocol called DKIM to make sure there is no security violations in its blind input of RFC5322 data. In this case, a SMTP server will probably do already, but can't guarantee this? I don't think so and even when it does, there are known illustrated cases where DKIM was used to bypass the SMTP RFC5322 check and as a result a double 5322.FROM were possible where the fake 5322.From was displayed to the user and DKIM signature was still valid by hashing the original, but now hidden, 5322.From field. Go figure. -- HLS ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
My interpretation of what you wrote is that in your mind there is absolutely no difference between a SHOULD and a MAY. They are both optional, and you implement whatever you have time to implement, with SHOULD's prioritized higher than MAY's. Even if that is not what you mean, it is what many implementors do. I would offer this highlights the problem with today's SHOULD. Some think SHOULD means something is OK to implement, but life does not end if you do not do it. Others think SHOULD means something HAS to be implemented, unless the environment indicates the protocol will not work in some corner case. On Aug 30, 2011, at 3:08 PM, hector wrote: When I approach a protocol to implement, the first thing I typically do is extract and develop the basic wiring of the protocol, the minimum requirements. Make sure the basic framework is correct 100%, then I look for the SHOULDs and also MAYS which are the easiest to add. I look at the SHOULD by order of importance and also complexity. How much CANDY is it? It is a security feature? What are the other implementation requirements, tools, APIs, etc. Generally I want to get security out the way. Its like SMTP AUTH - its not required but anyone cleaning up and rewriting an SMTP spec today, might include the AUTH extension as a SHOULD. And implementators are keen to the importance of it. But nothing won't break down if you don't, less functionality but the basic structure is still there. Its the same approach used for all the protocols we support. Start with the basics and then add on as necessary. Eric Burger wrote: What is the difference in this case between SHOULD or MAY? On Aug 30, 2011, at 2:49 PM, Adam Roach wrote: On 8/29/11 9:44 PM, Eric Burger wrote: Yes, and... I would offer that for most cases, If Y then MUST X or If Z then MUST NOT X *are* what people usually mean when they say SHOULD. In the spirit of Say What You Mean, a bare SHOULD at the very least raise an ID-nit, suggesting to the author to turn the statement into the if Y then MUST X or if Z then MUST NOT X form. Being pedantic and pedagogic: SHOULD send a 1 UNLESS you receive a 0 really means UNLESS you receive a 0, one MUST send a 1. My vision of the UNLESS clause is not necessarily a protocol state, but an environment state. These are things that I can see fit the SHOULD/UNLESS form: SHOULD send a 1 UNLESS you are in a walled garden SHOULD flip bit 27 UNLESS you have a disk SHOULD NOT explode UNLESS you are a bomb are all reasonable SHOULD-level statements. I would offer that ANY construction of SHOULD without an UNLESS is a MAY. Eric. Put down the axe and step away from the whetstone. Here, I'll give you some text from RFC 3265 to mull. deactivated: The subscription has been terminated, but the subscriber SHOULD retry immediately with a new subscription. One primary use of such a status code is to allow migration of subscriptions between nodes. Let's examine this use of SHOULD. If the subscriber doesn't re-subscribe, is it an interop issue? No. Is it in the interest of the implementation to re-subscribe? Yes. At least, under most circumstances. Otherwise, they won't get the state change notifications they want. Are there cases in which it makes sense for the subscriber _not_ to re-subscribe? Yes, I'm sure there are. It's conceivable that the client happens to be shutting down but hasn't gotten around to terminating this particular subscription yet. But any such exceptions are highly implementation-dependent. Listing them would be useless noise to the reader, and senseless text creation for the author. Does SHOULD get abused by some authors in some documents? Of course it does. But your crusade to throw out a useful tool just because it has been misused on occasion is an extreme over-reaction. I like this tool. I use this tool. If you see people misusing it, slap them. But don't ban the tool. /a ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf smime.p7s Description: S/MIME cryptographic signature ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Interesting example. I like it. I agree that when to retry is not at all a protocol issue. That probably is why we are in fuzzy land, and this highlights why SHOULD is bad. The availability of SHOULD drew the author of the mentioned RFC to mix a user interface / user experience issue with a protocol issue. Saying a client SHOULD retry immediately, to migrate subscriptions, is an implementation detail and has absolutely NOTHING to do with the protocol. It would be OK to have a NOTE in the protocol RFC discussing that deactivated is an opportunity to migrate the subscription. It would be OK to have an Informational implementor's guide that notes that it would be good for clients to leverage the deactivated state to quickly migrate a subscription. However, there is NOTHING in the protocol to say SHOULD. On Aug 30, 2011, at 3:15 PM, Adam Roach wrote: In this case, unless the implementation has a good reason, failing to re-subscribe will result in behavior that the user perceives as broken. I don't think that's really MAY territory. /a On 8/30/11 1:57 PM, Eric Burger wrote: What is the difference in this case between SHOULD or MAY? On Aug 30, 2011, at 2:49 PM, Adam Roach wrote: On 8/29/11 9:44 PM, Eric Burger wrote: Yes, and... I would offer that for most cases, If Y then MUST X or If Z then MUST NOT X *are* what people usually mean when they say SHOULD. In the spirit of Say What You Mean, a bare SHOULD at the very least raise an ID-nit, suggesting to the author to turn the statement into the if Y then MUST X or if Z then MUST NOT X form. Being pedantic and pedagogic: SHOULD send a 1 UNLESS you receive a 0 really means UNLESS you receive a 0, one MUST send a 1. My vision of the UNLESS clause is not necessarily a protocol state, but an environment state. These are things that I can see fit the SHOULD/UNLESS form: SHOULD send a 1 UNLESS you are in a walled garden SHOULD flip bit 27 UNLESS you have a disk SHOULD NOT explode UNLESS you are a bomb are all reasonable SHOULD-level statements. I would offer that ANY construction of SHOULD without an UNLESS is a MAY. Eric. Put down the axe and step away from the whetstone. Here, I'll give you some text from RFC 3265 to mull. deactivated: The subscription has been terminated, but the subscriber SHOULD retry immediately with a new subscription. One primary use of such a status code is to allow migration of subscriptions between nodes. Let's examine this use of SHOULD. If the subscriber doesn't re-subscribe, is it an interop issue? No. Is it in the interest of the implementation to re-subscribe? Yes. At least, under most circumstances. Otherwise, they won't get the state change notifications they want. Are there cases in which it makes sense for the subscriber _not_ to re-subscribe? Yes, I'm sure there are. It's conceivable that the client happens to be shutting down but hasn't gotten around to terminating this particular subscription yet. But any such exceptions are highly implementation-dependent. Listing them would be useless noise to the reader, and senseless text creation for the author. Does SHOULD get abused by some authors in some documents? Of course it does. But your crusade to throw out a useful tool just because it has been misused on occasion is an extreme over-reaction. I like this tool. I use this tool. If you see people misusing it, slap them. But don't ban the tool. /a ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf smime.p7s Description: S/MIME cryptographic signature ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Exactly. I'm working my way through RFC2616bis, trying to distinguish between SHOULDs that actually have implications for interoperability and SHOULDs that are just there because the english word 'should' happened to make sense at the time. It's a huge pain. On 31/08/2011, at 5:42 PM, Eric Burger wrote: Interesting example. I like it. I agree that when to retry is not at all a protocol issue. That probably is why we are in fuzzy land, and this highlights why SHOULD is bad. The availability of SHOULD drew the author of the mentioned RFC to mix a user interface / user experience issue with a protocol issue. Saying a client SHOULD retry immediately, to migrate subscriptions, is an implementation detail and has absolutely NOTHING to do with the protocol. It would be OK to have a NOTE in the protocol RFC discussing that deactivated is an opportunity to migrate the subscription. It would be OK to have an Informational implementor's guide that notes that it would be good for clients to leverage the deactivated state to quickly migrate a subscription. However, there is NOTHING in the protocol to say SHOULD. On Aug 30, 2011, at 3:15 PM, Adam Roach wrote: In this case, unless the implementation has a good reason, failing to re-subscribe will result in behavior that the user perceives as broken. I don't think that's really MAY territory. /a On 8/30/11 1:57 PM, Eric Burger wrote: What is the difference in this case between SHOULD or MAY? On Aug 30, 2011, at 2:49 PM, Adam Roach wrote: On 8/29/11 9:44 PM, Eric Burger wrote: Yes, and... I would offer that for most cases, If Y then MUST X or If Z then MUST NOT X *are* what people usually mean when they say SHOULD. In the spirit of Say What You Mean, a bare SHOULD at the very least raise an ID-nit, suggesting to the author to turn the statement into the if Y then MUST X or if Z then MUST NOT X form. Being pedantic and pedagogic: SHOULD send a 1 UNLESS you receive a 0 really means UNLESS you receive a 0, one MUST send a 1. My vision of the UNLESS clause is not necessarily a protocol state, but an environment state. These are things that I can see fit the SHOULD/UNLESS form: SHOULD send a 1 UNLESS you are in a walled garden SHOULD flip bit 27 UNLESS you have a disk SHOULD NOT explode UNLESS you are a bomb are all reasonable SHOULD-level statements. I would offer that ANY construction of SHOULD without an UNLESS is a MAY. Eric. Put down the axe and step away from the whetstone. Here, I'll give you some text from RFC 3265 to mull. deactivated: The subscription has been terminated, but the subscriber SHOULD retry immediately with a new subscription. One primary use of such a status code is to allow migration of subscriptions between nodes. Let's examine this use of SHOULD. If the subscriber doesn't re-subscribe, is it an interop issue? No. Is it in the interest of the implementation to re-subscribe? Yes. At least, under most circumstances. Otherwise, they won't get the state change notifications they want. Are there cases in which it makes sense for the subscriber _not_ to re-subscribe? Yes, I'm sure there are. It's conceivable that the client happens to be shutting down but hasn't gotten around to terminating this particular subscription yet. But any such exceptions are highly implementation-dependent. Listing them would be useless noise to the reader, and senseless text creation for the author. Does SHOULD get abused by some authors in some documents? Of course it does. But your crusade to throw out a useful tool just because it has been misused on occasion is an extreme over-reaction. I like this tool. I use this tool. If you see people misusing it, slap them. But don't ban the tool. /a ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf -- Mark Nottingham http://www.mnot.net/ ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Yes, but there is another factor that appears to be presumed in the discussions that might will help explains the critical difference: Even if SHOULD is interpreted as a MUST IMPLEMENT, there is no MUST USE guarantee by protocol consumers. An implementator might decide a particular SHOULD has an absolute no consumer value, it might even be harmful, and it might be a low adoption currently, that might be enough to ignore it. On the hand, if he says Oh, lets add it anyway, he must still present it as OPTION to the consumer for them to decide. In my view, SHOULD are user protocol options to set. Odds are good a SHOULD would be enabled out of the box. Some might be disabled out of the box. If its not an user option, then that means it must be enabled with no way to turn off. If so, then logic tells me that this SHOULD should of been a MUST to be begin right. No? -- HLS Eric Burger wrote: My interpretation of what you wrote is that in your mind there is absolutely no difference between a SHOULD and a MAY. They are both optional, and you implement whatever you have time to implement, with SHOULD's prioritized higher than MAY's. Even if that is not what you mean, it is what many implementors do. I would offer this highlights the problem with today's SHOULD. Some think SHOULD means something is OK to implement, but life does not end if you do not do it. Others think SHOULD means something HAS to be implemented, unless the environment indicates the protocol will not work in some corner case. On Aug 30, 2011, at 3:08 PM, hector wrote: When I approach a protocol to implement, the first thing I typically do is extract and develop the basic wiring of the protocol, the minimum requirements. Make sure the basic framework is correct 100%, then I look for the SHOULDs and also MAYS which are the easiest to add. I look at the SHOULD by order of importance and also complexity. How much CANDY is it? It is a security feature? What are the other implementation requirements, tools, APIs, etc. Generally I want to get security out the way. Its like SMTP AUTH - its not required but anyone cleaning up and rewriting an SMTP spec today, might include the AUTH extension as a SHOULD. And implementators are keen to the importance of it. But nothing won't break down if you don't, less functionality but the basic structure is still there. Its the same approach used for all the protocols we support. Start with the basics and then add on as necessary. Eric Burger wrote: What is the difference in this case between SHOULD or MAY? On Aug 30, 2011, at 2:49 PM, Adam Roach wrote: On 8/29/11 9:44 PM, Eric Burger wrote: Yes, and... I would offer that for most cases, If Y then MUST X or If Z then MUST NOT X *are* what people usually mean when they say SHOULD. In the spirit of Say What You Mean, a bare SHOULD at the very least raise an ID-nit, suggesting to the author to turn the statement into the if Y then MUST X or if Z then MUST NOT X form. Being pedantic and pedagogic: SHOULD send a 1 UNLESS you receive a 0 really means UNLESS you receive a 0, one MUST send a 1. My vision of the UNLESS clause is not necessarily a protocol state, but an environment state. These are things that I can see fit the SHOULD/UNLESS form: SHOULD send a 1 UNLESS you are in a walled garden SHOULD flip bit 27 UNLESS you have a disk SHOULD NOT explode UNLESS you are a bomb are all reasonable SHOULD-level statements. I would offer that ANY construction of SHOULD without an UNLESS is a MAY. Eric. Put down the axe and step away from the whetstone. Here, I'll give you some text from RFC 3265 to mull. deactivated: The subscription has been terminated, but the subscriber SHOULD retry immediately with a new subscription. One primary use of such a status code is to allow migration of subscriptions between nodes. Let's examine this use of SHOULD. If the subscriber doesn't re-subscribe, is it an interop issue? No. Is it in the interest of the implementation to re-subscribe? Yes. At least, under most circumstances. Otherwise, they won't get the state change notifications they want. Are there cases in which it makes sense for the subscriber _not_ to re-subscribe? Yes, I'm sure there are. It's conceivable that the client happens to be shutting down but hasn't gotten around to terminating this particular subscription yet. But any such exceptions are highly implementation-dependent. Listing them would be useless noise to the reader, and senseless text creation for the author. Does SHOULD get abused by some authors in some documents? Of course it does. But your crusade to throw out a useful tool just because it has been misused on occasion is an extreme over-reaction. I like this tool. I use this tool. If you see people misusing it, slap them. But don't ban the tool. /a
Re: 2119bis
On Aug 31, 2011, at 8:30 AM, Hector wrote: In my view, SHOULD are user protocol options to set. In my view, SHOULD should rarely be used for optional protocol features, because optional protocol features should themselves be rare. And the primary purpose of SHOULD is not to permit optional protocol features. Keith ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Keith Moore wrote: On Aug 31, 2011, at 8:30 AM, Hector wrote: In my view, SHOULD are user protocol options to set. In my view, SHOULD should rarely be used for optional protocol features, because optional protocol features should themselves be rare. And the primary purpose of SHOULD is not to permit optional protocol features. If SHOULD is read as a MUST IMPLEMENT, and that also implies MUST USE with no provision to disable then its should of been a MUST in the first place. When presented to consumers, we do this for the most part: o MUST items No options, to way to turn off. No GUI, Nada. Under rare circumstances, usually due to protocol conflicts, i.e. a MUST really should of been a SHOULD and it might have been a SHOULD in protocol STD, but made into a MUST in protocol RFC update and that now causes problems, hence undocumented switches are provided for support. o SHOULD items Here we have three forms of the options: [X] Extended Feature A- higher sweet benefit! default ON [_] Extended Feature B- Nice, but high overhead, default OFF [_] Extended Feature C- It was default ON, but operator said NAH! MAY options are similar but heres you have learn more about the consumer needs to decide what protocol overhead is added and/or initial ON/OFF position. Many Implementators makes decides on the basic of this SHOULD value offers. Its a big waste of them, it won't be implemented. But when its get more adoption, maybe. And we can't impose Bloat Ware options that prove to be bad or not desired, so you have to present these SHOULDS as options. I sense a bad direction with what is basically ALL or Nothing protocol implementation, including with there little adoption, complex to support and simply not required. This might be enough to raise the barrier on adoption for some protocols that insist on on a All or Nothing conformance mandate. Why even bother with SHOULD, and use have MUST and MAY? -- HLS ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On Aug 31, 2011, at 9:12 AM, Hector wrote: Keith Moore wrote: On Aug 31, 2011, at 8:30 AM, Hector wrote: In my view, SHOULD are user protocol options to set. In my view, SHOULD should rarely be used for optional protocol features, because optional protocol features should themselves be rare. And the primary purpose of SHOULD is not to permit optional protocol features. If SHOULD is read as a MUST IMPLEMENT, and that also implies MUST USE with no provision to disable then its should of been a MUST in the first place. Just because a feature is optional does not mean that it's a protocol feature... i.e. it doesn't mean that it affects how the implementation interacts with peers. SHOULD is IMO most often useful not when specifying how a protocol acts on the wire, but when specifying how a protocol needs to be implemented on a particular platform, where the precise semantics, API details, etc. naturally differ from one platform to another. Why even bother with SHOULD, and use have MUST and MAY? To get people out of the rathole of trying to specify exactly how everything must work in excruciating detail, in a world where there is inherently going to be some necessary variation. Keith ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
I've been traveling so have not had a chance to do anything but watch the discussion on a RFC 2119 update. a few thoughts 1/ I am far from convinced that there is a need to update RFC 2119 there is a bug in the boilerplate (as has been mentioned) and some people seem to have a hard time understanding what (to me) seem like clear descriptions of (for example) MUST SHOULD - but the issues do not seem serious enough to warrant replacing what is, basically, a simple dictionary usage constraint 2/ it seems like a very Bad Idea to move 2119 to historic- we move RFCs to historic when no one uses them or when they are a Bad Idea in light of updated technology - I do not think that makes much sense in this case - in addition it makes the status of RFCs that have a normative reference to a historic document a bit funky - if an update is actually needed there is no reason that I can come up with that it could not just be that -- an update 3/ I doubt that I'll ever catch up with Postel as the most referenced RFC author so that is not a consideration (for me) I wrote RFC 2119 (most using text from RFC 1122) because people were using MUST without saying what they meant, an update, if people think that one is actually needed, will serve that purpose as well as 2119 has. When I posted the original ID it was pointed out that I should also address when such terms should be used (i.e. try to limit the use to where it actually made sense protocol-wise) - I tried to do that but that part may not have been as successful as it might have been - any update might try to be clearer in this area that RFC 2119 is. Scott ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Keith Moore wrote: On Aug 31, 2011, at 9:12 AM, Hector wrote: If SHOULD is read as a MUST IMPLEMENT, and that also implies MUST USE with no provision to disable then its should of been a MUST in the first place. Just because a feature is optional does not mean that it's a protocol feature... i.e. it doesn't mean that it affects how the implementation interacts with peers. Thats the problem with trying generalize SHOULD as single interpretation for all SHOULDs when it is so highly subjective many times. I think you are speaking of long term operations where an SHOULD is so widely adopted, it inherently because a MUST have in all new implementations. So that vain, sure, eventually the better options naturally become part of the protocol to the extent the options might be even remove to simplify things. We also have the opposite where a SHOULD is implemented but no one users it so eventually, it may be remove as an option. SHOULD is IMO most often useful not when specifying how a protocol acts on the wire, but when specifying how a protocol needs to be implemented on a particular platform, where the precise semantics, API details, etc. naturally differ from one platform to another. Yeah, but its also very very useful to offering what parts of a protocol are on and off and let operators decide what they want. Don't we already do this? Why even bother with SHOULD, and just use MUST and MAY? To get people out of the rathole of trying to specify exactly how everything must work in excruciating detail, in a world where there is inherently going to be some necessary variation. I agree, it is the easy way out. But wouldn't it still be a rathole if SHOULD was still a MUST-IMPLEMENT concept which is why a MUST made it an rathole in the first place? Too many people didn't like, not want it nor wish to waste time on a unproven concept. So you make it a SHOULD or a MAY. With a MUST-IMPLEMENT view of SHOULD, then SHOULD really isn't compromise if you have to implement and even more so if no one is allowed to turn it off. -1 on RFC2119bis :) ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
RE: 2119bis
-Original Message- From: ietf-boun...@ietf.org [mailto:ietf-boun...@ietf.org] On Behalf Of Eric Burger Sent: Wednesday, August 31, 2011 12:37 AM To: hector Cc: IETF discussion list Subject: Re: 2119bis I would offer this highlights the problem with today's SHOULD. Some think SHOULD means something is OK to implement, but life does not end if you do not do it. Others think SHOULD means something HAS to be implemented, unless the environment indicates the protocol will not work in some corner case. On the other hand, given the current SHOULD definition in RFC2119, I'm at a loss to understand how one could reasonably come to other than the second interpretation you give here. It's fairly explicit to me. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On Aug 31, 2011, at 10:03 AM, Murray S. Kucherawy wrote: On the other hand, given the current SHOULD definition in RFC2119, I'm at a loss to understand how one could reasonably come to other than the second interpretation you give here. It's fairly explicit to me. The simplest explanation is that people don't bother to read 2119. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On Aug 31, 2011, at 9:57 AM, hector wrote: SHOULD is IMO most often useful not when specifying how a protocol acts on the wire, but when specifying how a protocol needs to be implemented on a particular platform, where the precise semantics, API details, etc. naturally differ from one platform to another. Yeah, but its also very very useful to offering what parts of a protocol are on and off and let operators decide what they want. Don't we already do this? yes, it is done to some degree. but that's not, in general, a desirable practice. (though there are cases where it can be justified). Keith ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Unless of course one considers us the Protocol Nanny's(tm) - if do not do a SHOULD, we will send you to bed without your treacle! I.e., there IS NO DISTINCTION BETWEEN A BARE SHOULD AND A MAY. Of course there is. Its the distinction between - Qualified SHOULD) Here lie dragons. Take the recommended route, unless you know how to fight them. Unqualified SHOULD) Here lie some dangers. Check with someone who knows, or take the recommended route. MAY) Here's an area. You could go there. Of course, the first and last pieces of text are preferred. But sometimes no one was brave enough to explore the area, so we don't actually know what dangers there are, they cannot be listed. Jari ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Keith, Peter, I think you're overgeneralizing. My experience is that judicious use of SHOULD seems to make both protocols and protocol specifications simpler; trying to nail everything down makes them more complex. I agree. In any case, Peter, I think its fine to add the NOT RECOMMENDED word to the boilerplate. Publish a spec on that, have it Update 2119, and then new RFCs would refer to that (say, 7119) instead of 2119 and everyone would be happy. But I'm not quite sure why there are other changes in the text. Maybe I need to be educated better. On quick read I got more questions from it than what I get from 2119... Jari ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On 8/31/11 9:48 AM, Jari Arkko wrote: Keith, Peter, I think you're overgeneralizing. My experience is that judicious use of SHOULD seems to make both protocols and protocol specifications simpler; trying to nail everything down makes them more complex. I agree. In any case, Peter, I think its fine to add the NOT RECOMMENDED word to the boilerplate. Publish a spec on that, have it Update 2119, and then new RFCs would refer to that (say, 7119) instead of 2119 Yes, that is one path. and everyone would be happy. I'm not sure that everyone would be happy, because I do think that some clarifications and additional guidelines might be helpful. But those, too, could go in a separate (likely Informational) document that would not necessarily update (and certainly not obsolete) 2119. But I'm not quite sure why there are other changes in the text. Maybe I need to be educated better. On quick read I got more questions from it than what I get from 2119... Thus the desirability of writing a separate document. Peter -- Peter Saint-Andre https://stpeter.im/ ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On 8/31/11 9:52 AM, Keith Moore wrote: or maybe just file an erratum. There is an erratum on file: http://www.rfc-editor.org/errata_search.php?eid=499 I started down this road in part while working to clear out errata... Peter -- Peter Saint-Andre https://stpeter.im/ ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Keith Moore wrote: On Aug 31, 2011, at 9:57 AM, hector wrote: Yeah, but its also very very useful to offering what parts of a protocol are on and off and let operators decide what they want. Don't we already do this? yes, it is done to some degree. Every protocol I have implemented such as PPP, RADIUS, SMTP, TELNET, FTP, POP3 among the augmented protocols all have some levels of Features presented as SHOULDs and MAYs and those seem necessary where exposed in some form of configuration options. They might be tweaked for optimal out of the box performance, so you might not need them. Just look at SMTP extensions, EHLO features. There are SHOULD for 5 mins timeouts and 5321 states that its good idea to make this configurable. Came in handy the other day! :) or even DKIM. Protocol options made available, but fined tune so the operators just can start using it. But not all will use the setting you prepare for them. but that's not, in general, a desirable practice. (though there are cases where it can be justified). While I agree long time engineering fine tuning, options become stable, deprecated or obsolete and short of an finely tuned embedded system, turnkey system, even smart phone/devices, and not really even then, I hardly seen any protocol with options not implement with some level of exposure deemed necessary. The simplest explanation is that people don't bother to read 2119. How can you make a claim like this with a straight face or I guess fingers? That invites useless conflicts like get a dictionary for the word Recommended, or just plain old accepting the simple idea that after determining all full implications above and beyond what was necessary is a valid reason to IGNORE the recommendation. -- HLS ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
or maybe just file an erratum. I think it's fairly obvious that any document that actually uses NOT RECOMMENDED should define what it means, if it expects those words to have any meaning other than the ordinary English meaning of those words (with or without capitalization). I've seen documents that didn't quote the 2119 boilerplate verbatim because they didn't use all of the terms defined in 2119. I didn't see any problem with that. On Aug 31, 2011, at 11:48 AM, Jari Arkko wrote: In any case, Peter, I think its fine to add the NOT RECOMMENDED word to the boilerplate. Publish a spec on that, have it Update 2119, and then new RFCs would refer to that (say, 7119) instead of 2119 and everyone would be happy. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On Aug 31, 2011, at 11:55 AM, Hector wrote: Keith Moore wrote: On Aug 31, 2011, at 9:57 AM, hector wrote: Yeah, but its also very very useful to offering what parts of a protocol are on and off and let operators decide what they want. Don't we already do this? yes, it is done to some degree. Every protocol I have implemented such as PPP, RADIUS, SMTP, TELNET, FTP, POP3 among the augmented protocols all have some levels of Features presented as SHOULDs and MAYs and those seem necessary where exposed in some form of configuration options. They might be tweaked for optimal out of the box performance, so you might not need them. Just look at SMTP extensions, EHLO features. There are SHOULD for 5 mins timeouts and 5321 states that its good idea to make this configurable. Came in handy the other day! :) or even DKIM. Protocol options made available, but fined tune so the operators just can start using it. But not all will use the setting you prepare for them. Old protocols that were extended after they were widely deployed are one of the exceptional cases where SHOULD / SHOULD NOT / etc. make sense to describe protocol features. They can't always be MUSTs or MUST NOTs because of the need to maintain backward compatibility with old implementations. Things like timeout intervals are often labeled as SHOULDs because they aren't precisely determined, they're educated guesses. So implementors and perhaps operators should have some leeway to tweak them in light of experience. The simplest explanation is that people don't bother to read 2119. How can you make a claim like this with a straight face or I guess fingers? Because of long experience that indicates that implementors often fail to read base specifications thoroughly, much less the referenced specifications. Keith ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis - SHOULD Classifications
Barry Leiba wrote: Just responding to a small part, here: � B) RFC2119 states SHOULD is the same as the adjective RECOMMENDED. As far I am concern, a recommendation is not a mandate nor obligation. .. But don't make the mistake of thinking that, in the context of RFC 2119, one can use one's own English sense of what the meanings of these terms are. Agree, that is why the final part of my email I suggested the consideration to remove the last sentence of the text be removed; The term RECOMMENDED is equivalent to SHOULD. Personally, it benefit us if we state SHOULD under different classifications. I'm just winging it, but perhaps: NEW ITEM IMPROVEMENT SECURITY (VERY IMPORTANT) A context of which the SHOULD offers has a lot of weight in the decision making process. Example: If the SHOULD is related to security, then all efforts MUST be to made to support it. If the SHOULD item is an improvement not related to security, then all efforts SHOULD be to made to support it. If the SHOULD item is a new item not related to security, then all efforts MAY be to made to support it. Of course, there is the interesting nature of recursion here and the last two can possibly be folded, but I think stating SHOULD compliance classified under new, improvement and the level of importance context will help rather than trying to state it as a generalize, ambiguous rule of thumb - A MUST BUT OPTIONAL IFF YOU KNOW WHAT YOU ARE DOING. The basic idea is that when is something is NEW there is lesser obligation to support it until its becomes widely adopted. If its really an important feature, like security, then it ought to be stated with a heavy obligatory emphasis. Also, we may consider other general guidelines text like: New protocol enhancements with SHOULD key words MUST NOT be used a non-compliance measurement tool of existing compliant implementations. i.e. current implementator are not broken because they are not currently supporting a SHOULD. A new protocol that has a OPTIONAL dependency on an existing optional protocol MUST NOT use MUST|SHOULD as an enforcement tool for make implementator to support the optional protocol. The last one I had trouble writing it, but I think you get the gist of it. Overall, I believe the system has worked - we got this far because we gave implementators the benefit of the doubt that valid reasons to ignore was done responsibly and the protocols still worked. The problem, in my view, has been an agenda of enforcing protocol behavior from a Throw the book non-compliance mindset, worst when dealing with integrated of optional protocols, yet not equally applied. e.g., I don't wish to honor that other protocol SHOULD but you MUST follow my protocol SHOULD. -- Sincerely Hector Santos http://www.santronics.com ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Keith == Keith Moore mo...@network-heretics.com writes: In my view, SHOULD are user protocol options to set. Keith In my view, SHOULD should rarely be used for optional Keith protocol features, because optional protocol features should Keith themselves be rare. And the primary purpose of SHOULD is not Keith to permit optional protocol features. Let me give an example of where I think SHOULD is useful: a TLS end-point SHOULD verify the received certificate against a trusted anchor. Removing this requirement in SMTP-TLS has meant that we now have opportunistically encrypted email transmission. It makes sense for the TLS library to have this option. In a web browser, the same SHOULD is much more controversial. Some TLS libraries have this as a MUST, and there is all sorts of trouble for people implementing other protocols or authentication mechanisms over TLS. -- ] He who is tired of Weird Al is tired of life! | firewalls [ ] Michael Richardson, Sandelman Software Works, Ottawa, ON|net architect[ ] m...@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[ Kyoto Plus: watch the video http://www.youtube.com/watch?v=kzx1ycLXQSE then sign the petition. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
I think we should update our RFCs when there's a generally accepted errata. I mean, I know about errata. I browse IETF docs through tools.ietf.org and they show me the errata links. But... shame on me... I don't click through those links often enough. I suspect I'd miss a few even if I was implementing something. Its far better if the entire document is up to date. I suspect this holds for other at least some other people, too. Jari On 31.08.2011 18:54, Peter Saint-Andre wrote: On 8/31/11 9:52 AM, Keith Moore wrote: or maybe just file an erratum. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
RE: 2119bis
-Original Message- From: ietf-boun...@ietf.org [mailto:ietf-boun...@ietf.org] On Behalf Of Keith Moore Sent: Wednesday, August 31, 2011 9:03 AM To: Hector Cc: IETF discussion list Subject: Re: 2119bis Because of long experience that indicates that implementors often fail to read base specifications thoroughly, much less the referenced specifications. I absolutely agree, and also with your earlier point that a lot of people apparently either don't bother to read RFC2119 at all, or (in my experience) read it selectively. If there is an RFC2119bis, I would like to see it illustrate the cases where a MUST would be preferred over a SHOULD, and vice-versa, such that the implications to both the spec author and the reader are clarified. It already seems to start down that road, which is fine. But I don't think there's anything wrong with the definitions as we have them; I think they've served us well for the last fourteen years. I don't agree at all with the interpretation of SHOULD as an optional protocol feature in all cases. RFC2119 makes it clear what SHOULD and RECOMMENDED mean beyond the dictionary definition. They are not an invitation to disregard those requirements merely because they are hard to implement or would confuse end users if exposed. It seems clear to me that SHOULD is the same as MUST... UNLESS, and the unless part has to be carefully considered in terms of how interoperability will be affected, not how your source code or user interface will become more complicated. It's certainly the case that there are some documents that got use of SHOULD wrong, but that doesn't mean RFC2119 is broken. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Murray S. Kucherawy wrote: -Original Message- But I don't think there's anything wrong with the definitions as we have them; I think they've served us well for the last fourteen years. Correct and by far, most deployments have use SHOULD = OPTION with an documented right to IGNORE - so be it written so be it followed. The MUST-IMPLEMENT seems to be an exception and not the rule and even then is inconsistency in application seem to be very selective. Maybe Tony's I-D can help reinforce this concept of a Recommendation: SHOULD, RECOMMENDED: The words ought, encouraged and suggest strongly can be used to connote something that is strongly urged. and I hope these terms still don't means MUST-IMPLEMENT and worst a MUST-USE by the operator. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
RE: 2119bis
-Original Message- From: ietf-boun...@ietf.org [mailto:ietf-boun...@ietf.org] On Behalf Of Hector Sent: Wednesday, August 31, 2011 10:57 AM Cc: IETF discussion list Subject: Re: 2119bis But I don't think there's anything wrong with the definitions as we have them; I think they've served us well for the last fourteen years. Correct and by far, most deployments have use SHOULD = OPTION with an documented right to IGNORE - so be it written so be it followed. This sentence is self-contradictory. SHOULD is, by definition, not OPTIONAL. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Hi - From: Murray S. Kucherawy m...@cloudmark.com To: IETF discussion list ietf@ietf.org Sent: Wednesday, August 31, 2011 11:00 AM Subject: RE: 2119bis -Original Message- From: ietf-boun...@ietf.org [mailto:ietf-boun...@ietf.org] On Behalf Of Hector Sent: Wednesday, August 31, 2011 10:57 AM Cc: IETF discussion list Subject: Re: 2119bis But I don't think there's anything wrong with the definitions as we have them; I think they've served us well for the last fourteen years. Correct and by far, most deployments have use SHOULD = OPTION with an documented right to IGNORE - so be it written so be it followed. This sentence is self-contradictory. SHOULD is, by definition, not OPTIONAL. I disagree with the claim that there is a contradiction there, but I also think IGNORE is incorrect. The only difference between SHOULD and MAY is that the implementor / deployer needs a good excuse to not implement / employ a SHOULD. That's not the same as IGNORE. However, looking at an implementation from a conformance testing perspective, these are indistinguishable. If the conditions under which the feature may be omitted are well-defined, then an if not x MUST y structure would be much more appropriate, and this can be easily handled with the existing keywords. Randy ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
RE: 2119bis
-Original Message- From: ietf-boun...@ietf.org [mailto:ietf-boun...@ietf.org] On Behalf Of Randy Presuhn Sent: Wednesday, August 31, 2011 11:31 AM To: IETF discussion list Subject: Re: 2119bis This sentence is self-contradictory. SHOULD is, by definition, not OPTIONAL. I disagree with the claim that there is a contradiction there, but I also think IGNORE is incorrect. What was said is SHOULD = OPTION, but RFC2119 says OPTIONAL is the same as MAY. That's the contradiction. The only difference between SHOULD and MAY is that the implementor / deployer needs a good excuse to not implement / employ a SHOULD. That's not the same as IGNORE. But that's a big difference. I think some people are being cavalier about the good excuse part, and that's where I have a problem. RFC2119 is not unclear on this point. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Murray S. Kucherawy wrote: The only difference between SHOULD and MAY is that the implementor / deployer needs a good excuse to not implement / employ a SHOULD. That's not the same as IGNORE. But that's a big difference. I think some people are being cavalier about the good excuse part, and that's where I have a problem. RFC2119 is not unclear on this point. Correct again, it is not unclear. It says it very clear. I don't know why you wish to ignore Tony's I-D reinforcing this concept and optional implementation: SHOULD, RECOMMENDED: The words ought, encouraged and suggest strongly can be used to connote something that is strongly urged. There is no possibility to interpret SHOULD as nothing else as an optional implementation and thus can be ignored. Of course, the presumptions are: - Faith in your engineering peers, - Due Diligence decision to decide to ignore it, and - understanding if it was implemented, it could be ignored by consumers. If that is not enough, we have a huge deployment history where SHOULDs was ignored and implemented as an option for operators, and we have history where a SHOULD was changed to a MUST and it caused problems. If your interpretation was correct, this change would not have been necessary. IMV, the evidence is quite clear that SHOULD has no MUST-IMPLEMENT concept and never had. If people read it that way, it probably did not cause a problem. So no big deal. But if they expected others to MUST-IMPLEMENT a SHOULD and broke down because of that expectation, then I suggest they didn't read RFC2119 correctly. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
RE: 2119bis
Hi, Sometimes the drafts says that something SHOULD be done, but the justification is unclear to the reader, so it can be difficult to interpret the meaning correctly. So, I think it would cause less confusion if drafts made a better job of describing WHY something is a SHOULD, or MUST. Something like SHOULDBECAUSE :) Regards, Christer From: ietf-boun...@ietf.org [ietf-boun...@ietf.org] On Behalf Of Hector [sant9...@gmail.com] Sent: Wednesday, August 31, 2011 10:07 PM Cc: IETF discussion list Subject: Re: 2119bis Murray S. Kucherawy wrote: The only difference between SHOULD and MAY is that the implementor / deployer needs a good excuse to not implement / employ a SHOULD. That's not the same as IGNORE. But that's a big difference. I think some people are being cavalier about the good excuse part, and that's where I have a problem. RFC2119 is not unclear on this point. Correct again, it is not unclear. It says it very clear. I don't know why you wish to ignore Tony's I-D reinforcing this concept and optional implementation: SHOULD, RECOMMENDED: The words ought, encouraged and suggest strongly can be used to connote something that is strongly urged. There is no possibility to interpret SHOULD as nothing else as an optional implementation and thus can be ignored. Of course, the presumptions are: - Faith in your engineering peers, - Due Diligence decision to decide to ignore it, and - understanding if it was implemented, it could be ignored by consumers. If that is not enough, we have a huge deployment history where SHOULDs was ignored and implemented as an option for operators, and we have history where a SHOULD was changed to a MUST and it caused problems. If your interpretation was correct, this change would not have been necessary. IMV, the evidence is quite clear that SHOULD has no MUST-IMPLEMENT concept and never had. If people read it that way, it probably did not cause a problem. So no big deal. But if they expected others to MUST-IMPLEMENT a SHOULD and broke down because of that expectation, then I suggest they didn't read RFC2119 correctly. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Randy Presuhn wrote: Murray stated: This sentence is self-contradictory. SHOULD is, by definition, not OPTIONAL. I disagree with the claim that there is a contradiction there, but I also think IGNORE is incorrect. That's a good point because if a good-faith decision was made to not implement a SHOULD, then there was no intent to ignore, there was no negligence and there is technical or protocol liability in that decision. -- HLS ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On Aug 31, 2011, at 3:07 PM, Hector wrote: Murray S. Kucherawy wrote: The only difference between SHOULD and MAY is that the implementor / deployer needs a good excuse to not implement / employ a SHOULD. That's not the same as IGNORE. But that's a big difference. I think some people are being cavalier about the good excuse part, and that's where I have a problem. RFC2119 is not unclear on this point. Correct again, it is not unclear. It says it very clear. I don't know why you wish to ignore Tony's I-D reinforcing this concept and optional implementation: SHOULD, RECOMMENDED: The words ought, encouraged and suggest strongly can be used to connote something that is strongly urged. When the text in 2119 is already clearly written, but people fail to read it, I don't understand why adding more text in yet another document is likely to improve understanding. Adding additional text and documents inherently increases the burden on readers. Keith ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On 08/31/2011 11:14 AM, Keith Moore wrote: When the text in 2119 is already clearly written, but people fail to read it, I don't understand why adding more text in yet another document is likely to improve understanding. Adding additional text and documents inherently increases the burden on readers. This seems pretty clear to me, and perhaps it's been the only clear thing in this discussion so far. 2119 was published in 1997 and aside from a typo (that does not seem to have caused confusion, for whatever that's worth) there haven't been a lot of complaints. Thumbs up on correcting typos, and both thumbs down on using the process of correcting a typo to reopen a SHOULD/MAY rathole, or even a NOT RECOMMENDED rathole. I'd rather let the typo stand. I don't think the putative benefits of revising 2119 justify the effort. Melinda ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Keith Moore wrote: Correct again, it is not unclear. It says it very clear. I don't know why you wish to ignore Tony's I-D reinforcing this concept and optional implementation: SHOULD, RECOMMENDED: The words ought, encouraged and suggest strongly can be used to connote something that is strongly urged. When the text in 2119 is already clearly written, but people fail to read it, I don't understand why adding more text in yet another document is likely to improve understanding. Adding additional text and documents inherently increases the burden on readers. I'm having a hard time understanding why you continue to work on the basis that people fail to read essentially implying stupidity in the process. The Point being that if Tony's I-D has it as it was shown above, then it would be incorrect too in its understanding of RFC2119 because non-normative words are clearly concepts related to a non-required mandate. I suggest we have a huge history of protocol deployment where SHOULDs are ignored and SHOULDs implemented as an option, but in addition, the idea of the possibility that isn't presented as an option to operators was solely an implementator decision to enforce it and not make an optional feature for the operator to play with. It is really up to the author to describe what the intent is for a particular SHOULD because its not an universal idea that SHOULD is always implemented. Anyway, I think that's it for me on this. :) -- HLS ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On Aug 31, 2011, at 3:44 PM, Hector wrote: I'm having a hard time understanding why you continue to work on the basis that people fail to read essentially implying stupidity in the process. I work on the basis of fail to read because I've seen countless examples of it. And stupidity is not the same thing as lack of diligence. The Point being that if Tony's I-D has it as it was shown above, then it would be incorrect too in its understanding of RFC2119 because non-normative words are clearly concepts related to a non-required mandate. As far as I'm concerned, Tony's I-D is a nonstarter, and therefore irrelevant. Keith ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
RE: 2119bis
-Original Message- From: ietf-boun...@ietf.org [mailto:ietf-boun...@ietf.org] On Behalf Of Keith Moore Sent: Wednesday, August 31, 2011 12:51 PM To: Hector Cc: IETF discussion list Subject: Re: 2119bis On Aug 31, 2011, at 3:44 PM, Hector wrote: I'm having a hard time understanding why you continue to work on the basis that people fail to read essentially implying stupidity in the process. I work on the basis of fail to read because I've seen countless examples of it. And stupidity is not the same thing as lack of diligence. Ditto. And I also see a lot of creative interpretation. There's little we can do to thwart any of those problems; some people read what they want to read and do so in a vacuum. As far as I'm concerned, Tony's I-D is a nonstarter, and therefore irrelevant. I certainly agree that it's irrelevant to this discussion, plus it's only an I-D at this point anyway. We're talking about a published BCP here. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On 8/31/2011 3:14 PM, Keith Moore wrote: On Aug 31, 2011, at 3:07 PM, Hector wrote: RFC2119 is not unclear on this point. Correct again, it is not unclear. It says it very clear. I don't know why you wish to ignore Tony's I-D reinforcing this concept and optional implementation: SHOULD, RECOMMENDED: The words ought, encouraged and suggest strongly can be used to connote something that is strongly urged. When the text in 2119 is already clearly written, but people fail to read it, I don't understand why adding more text in yet another document is likely to improve understanding. Adding additional text and documents inherently increases the burden on readers. context check. The purview of the non2119-nonkeywords doc is to suggest wording to use when *NOT* in the 2119 context. Perhaps the paragraph in the non2119-nonkeywords docs should read: *instead* of SHOULD or RECOMMENDED: The words ought, encouraged and suggest strongly can be used to connote something that is strongly urged. Tony ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On 08/31/2011 12:09 PM, Tony Hansen wrote: context check. The purview of the non2119-nonkeywords doc is to suggest wording to use when *NOT* in the 2119 context. Personally, I'm okay with an ambiguous, informal may. I'm even okay with an ambiguous, informal must. I'm less okay with the IETF publishing a thesaurus. Melinda ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Keith Moore wrote: The Point being that if Tony's I-D has it as it was shown above, then it would be incorrect too in its understanding of RFC2119 because the non-normative words are clearly concepts related to a non-required mandate. As far as I'm concerned, Tony's I-D is a nonstarter, and therefore irrelevant. Oh the irony in the Failure to Read labeling category, the art of selective synergism, :) if only to acknowledge the rich IETF-MAN-YEARS behind the production of this I-D and its obvious relationship to RFC2119 and any future consideration for a RFC2119BIS. :) Thanks ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
If the author is disciplined enough to use them in that manner, sure. I haven't come across many. On 01/09/2011, at 1:43 AM, Jari Arkko wrote: Unless of course one considers us the Protocol Nanny's(tm) - if do not do a SHOULD, we will send you to bed without your treacle! I.e., there IS NO DISTINCTION BETWEEN A BARE SHOULD AND A MAY. Of course there is. Its the distinction between - Qualified SHOULD) Here lie dragons. Take the recommended route, unless you know how to fight them. Unqualified SHOULD) Here lie some dangers. Check with someone who knows, or take the recommended route. MAY) Here's an area. You could go there. Of course, the first and last pieces of text are preferred. But sometimes no one was brave enough to explore the area, so we don't actually know what dangers there are, they cannot be listed. Jari -- Mark Nottingham http://www.mnot.net/ ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
This highlights an interesting issue as an RFC goes from PS to IS. I would offer that most SHOULDs in a document will, if there are real implementations out there, migrate to MUST or MUST NOT. On Aug 31, 2011, at 9:57 AM, hector wrote: I think you are speaking of long term operations where an SHOULD is so widely adopted, it inherently because a MUST have in all new implementations. So that vain, sure, eventually the better options naturally become part of the protocol to the extent the options might be even remove to simplify things. We also have the opposite where a SHOULD is implemented but no one users it so eventually, it may be remove as an option. smime.p7s Description: S/MIME cryptographic signature ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
RE: 2119bis
On 2011-08-30 at 07:36:58, Peter Saint-Andre wrote: for long enough, I finally decided to submit an I-D that is intended to obsolete RFC 2119. bike-shed IS THERE ANY CHANCE OF AGREEING THAT SHOUTING IS BAD? (i.e., Burger's first anti-law.) As opposed to mandating that requirements ought to be shouted. Lowercase must can be as effective as uppercase as long as it is consistently applied. /bike-shed On a more serious note, many documents lean too heavily on conformance terms. A gentle reminder that conformance terms ought to be sparingly used might not go astray here. It's just like the F-bomb, it's a F-ing big deal if used infrequently enough. People are more likely to pay attention when it's rare. --Martin ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On 8/30/11, Murray S. Kucherawy m...@cloudmark.com wrote: Mark Nottingham: 1) I agree that the SHOULD... UNLESS pattern ought be documented. I had never thought of this before. I kind of like the idea, especially since SHOULD has always meant MUST unless you really know what you're doing Such an odd reading. Does it mean you MUST because you could not handle it otherwise? It takes two to tango. One side reasons can be different than the other. If a software breaks down because it read SHOULD as a MUST and expected the other end will also view is a MUST, then it didn't know what it was doing. Things break down. Implementors on either side can't depend on it and need to function in lieu of it. There is always the possibility one decided Na, not needed, not worth the cost. Its not required. etc, and no one should die because of that decision. I think it MUST be noted that a Minimum Implementation for a protocol is all anyone can expect. If a SHOULD item is among the listed minimum requirements, it MUST be removed from the list or changed to a MUST. Maybe the term Minimum Implementation (is part of, is not part of) can be incorporated into each of the key word text. -- hls ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Frank, On 8/30/11 12:15 AM, Frank Ellermann wrote: On 29 August 2011 23:36, Peter Saint-Andre wrote: staring at http://www.rfc-editor.org/errata_search.php?eid=499 for long enough, I finally decided to submit an I-D that is intended to obsolete RFC 2119. There are literally thousands of documents (not only RFCs, also W3C standards, etc.) with normative references to RFC 2119 (sic!) instead of BCP 14, and I see no compelling reason to render these references as historic. On the basis of this logic we wouldn't be able to supercede any of our key RFCs. [...] How about trying an updates 2119 and status BCP, where BCP 14 then consists of 2119 and 2119bis, and old RFC 2119 references are still okay as is. What ends up happening, then, is that we need Internet lawyers to traipse through references. I challenge you or anyone else here to list all the process RFCs that update RFC 2026. Let's not repeat that fiasco with 2119. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Frank, 2119bis is going to replace RFC 2119, and Obsoletes: 2119 header is fine here. Updates: header means that some changes are made, and these specific changes are clearly indicated; 2119bis imports all the content of 2119 plus adding own changes, and is a significant update of 2119, so Updates: 2119 is inappropriate (sorry for pun). I would rather object to making RFC 2119 Historic; I remember RFC 2026 discusses such case (probably Section 6.3, which is also applicable to BCPs). So, the following change is necessary: Abstract and Introduction (similar text). OLD: If approved, this document obsoletes RFC 2119 and changes its status to Historic.; NEW: This document obsoletes RFC 2119. Mykyta Yevstifeyev 30.08.2011 1:15, Frank Ellermann wrote: On 29 August 2011 23:36, Peter Saint-Andre wrote: staring at http://www.rfc-editor.org/errata_search.php?eid=499 for long enough, I finally decided to submit an I-D that is intended to obsolete RFC 2119. There are literally thousands of documents (not only RFCs, also W3C standards, etc.) with normative references to RFC 2119 (sic!) instead of BCP 14, and I see no compelling reason to render these references as historic. For starters simply confirm the erratum, I don't see why that caused you headaches. IMO it is not necessary (but allowed) to import any BCP 14 terms not actually used in a document, i.e., I disagree with section 4 in your draft. How about trying an updates 2119 and status BCP, where BCP 14 then consists of 2119 and 2119bis, and old RFC 2119 references are still okay as is. Readers with difficulties to figure out what RFC 2119 meant might find the confirmed erratum and the updated by 2119bis with better answers. Authors could use RFC 2119, 2119bis, or even BCP 14 in the references of new documents, where BCP 14 would be new, IIRC RFC 2119 did not permit this -- fearing precisely what is happening now, somebody trying to update critical terms. I think that your new definitions match precisely what RFC 2119 wanted, but I'm also almost sure that some old 2119 clients will disagree. -Frank ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
30.08.2011 3:08, Mark Nottingham wrote: Thanks for starting this, Peter. A few comments / topics for discussion: 1) I agree that the SHOULD... UNLESS pattern ought be documented. I think 2119bis should discuss use of the keywords in conditional clauses, how to interpret something like a MUST be set to b if c is d, or a SHOULD be b if c and SHOULD be d if e etc. Defining the keyword ... IF/keyword ... UNLESS constructions for all of them? 2) I strongly believe that authors should be encouraged to enumerate the potential subjects of conformance terms, and to use them in every instance. For example, a requirement like this: The Foo header MUST contain the bar directive is ambiguous; it doesn't specify who has to do what. Rather, Senders MUST include the bar directive when producing the Foo header; recipients that receive a Foo header without a bar directive MUST ... is unambiguous (assuming that the spec defines the terms sender and recipient). +1. 3) It may be worth further cautioning against over-use of MAY; this is the most-abused term, IME. Perhaps encouraging people to make requirements testable on the wire would help. My personal observation is that MAY is often used in sense of can, i.e. to designate possibility rather than optionality. So 2119bis should be clear that MAY is used for describing discretionary actions/behavior, and those authors who wish to denote possible action should use can, which shouldn't be included in the repertoire as being irrelevant to conformance. 4) WRT to the status of the document -- if people really feel that we don't need to revise 2119, I'd define this as a superset of 2119 and NOT obsolete it; i.e., have documents opt into it. However, I'd hope that we can get consensus that it's time to build on what 2119 offers. See my previous message. Mykyta Yevstifeyev Cheers, On 30/08/2011, at 7:36 AM, Peter Saint-Andre wrote: After staring at http://www.rfc-editor.org/errata_search.php?eid=499 for long enough, I finally decided to submit an I-D that is intended to obsolete RFC 2119. I hope that I've been able to update and clarify the text in a way that is respectful of the original. Feedback is welcome. http://www.ietf.org/id/draft-saintandre-2119bis-01.txt Peter -- Peter Saint-Andre https://stpeter.im/ ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf -- Mark Nottingham http://www.mnot.net/ ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Dear Eric; I support adding the SHOULD ... UNLESS formalism (although maybe it should be MUST... UNLESS). It would be useful as there will be times where the UNLESS can be specified and has been given due consideration at the time of writing. That, however, will not always be the case. (More inline). On Mon, Aug 29, 2011 at 10:44 PM, Eric Burger ebur...@standardstrack.comwrote: Yes, and... I would offer that for most cases, If Y then MUST X or If Z then MUST NOT X *are* what people usually mean when they say SHOULD. In the spirit of Say What You Mean, a bare SHOULD at the very least raise an ID-nit, suggesting to the author to turn the statement into the if Y then MUST X or if Z then MUST NOT X form. Being pedantic and pedagogic: SHOULD send a 1 UNLESS you receive a 0 really means UNLESS you receive a 0, one MUST send a 1. My vision of the UNLESS clause is not necessarily a protocol state, but an environment state. These are things that I can see fit the SHOULD/UNLESS form: SHOULD send a 1 UNLESS you are in a walled garden SHOULD flip bit 27 UNLESS you have a disk SHOULD NOT explode UNLESS you are a bomb are all reasonable SHOULD-level statements. But how about SHOULD do FOO UNLESS you have given serious consideration as to the consequences of not doing FOO. Isn't that really the original intention of SHOULD ? Do we gain anything if that is added every time it is used? I would offer that ANY construction of SHOULD without an UNLESS is a MAY. How about this as a counterexample. In London, you MAY use the tube for transport. Given the weather, you SHOULD carry an umbrella. This SHOULD and MAY convey different things, in a way that I would argue is useful, and enumerating a list of UNLESSes is not going to be exhaustive. Unless of course one considers us the Protocol Nanny's(tm) - if do not do a SHOULD, we will send you to bed without your treacle! Now, now, now. This is the IETF. We use cookies for motivation. Regards Marshall I.e., there IS NO DISTINCTION BETWEEN A BARE SHOULD AND A MAY. On Aug 29, 2011, at 9:47 PM, ned+i...@mauve.mrochek.com wrote: Hi - From: Eric Burger eburge...@standardstrack.com To: Narten Thomas nar...@us.ibm.com; Saint-Andre Peter stpe...@stpeter.im Cc: IETF discussion list ietf@ietf.org Sent: Monday, August 29, 2011 3:08 PM Subject: Re: 2119bis I would assume in the text of the document. This paragraph is simply an enumeration of Burger's Axiom: For every SHOULD, there must be an UNLESS, otherwise the SHOULD is a MAY. I disagree. I concur with your disagreement. SHOULD should *not* be used when the list of exceptions is known and practically enumerable. If the UNLESS cases can be fully enumerated, then SHOULD x UNLESS y is equivalent to WHEN NOT y MUST X. (Both beg the question of whether we would need to spell out that WHEN y MUST NOT X is not necessarily an appropriate inference.) RFC 2119 SHOULD is appropriate when the UNLESS cases are known (or suspected) to exist, but it is not practical to exhaustively identify them all. Let's not gild this lily. +1 Ned ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
+1, too. This goes along with my strong desire to eliminate passive voice, unless the goal is to have the actor be obfuscated (as an example). On Aug 30, 2011, at 5:29 AM, Mykyta Yevstifeyev wrote: 2) I strongly believe that authors should be encouraged to enumerate the potential subjects of conformance terms, and to use them in every instance. For example, a requirement like this: The Foo header MUST contain the bar directive is ambiguous; it doesn't specify who has to do what. Rather, Senders MUST include the bar directive when producing the Foo header; recipients that receive a Foo header without a bar directive MUST ... is unambiguous (assuming that the spec defines the terms sender and recipient). +1. smime.p7s Description: S/MIME cryptographic signature ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On Aug 30, 2011, at 9:24 AM, Marshall Eubanks wrote: Dear Eric; I support adding the SHOULD ... UNLESS formalism (although maybe it should be MUST... UNLESS). It would be useful as there will be times where the UNLESS can be specified and has been given due consideration at the time of writing. That, however, will not always be the case. (More inline). [snip] But how about SHOULD do FOO UNLESS you have given serious consideration as to the consequences of not doing FOO. Isn't that really the original intention of SHOULD ? Do we gain anything if that is added every time it is used? Looking at this from a protocol perspective, SHOULD now equals MAY. There is no objective way of deciding when to do FOO or not. [snip] smime.p7s Description: S/MIME cryptographic signature ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
I would offer that working groups that say to do something that may or may not hold in foreseen or unforeseen circumstances is most likely working on a protocol that is way too complex and is begging for interoperability problems. What ever happened to building simple, point-solution protocols that followed the hour-glass and end-to-end principles, and then building your complex protocols out of them? On Aug 29, 2011, at 11:11 PM, Keith Moore wrote: On Aug 29, 2011, at 10:44 PM, Eric Burger wrote: I would offer that ANY construction of SHOULD without an UNLESS is a MAY. The essential beauty of SHOULD is that it gets specification writers and working groups out of the all-too-common rathole of trying to anticipate and nail down every exceptional case. Keith ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf smime.p7s Description: S/MIME cryptographic signature ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
I think you're overgeneralizing. My experience is that judicious use of SHOULD seems to make both protocols and protocol specifications simpler; trying to nail everything down makes them more complex. Keith On Aug 30, 2011, at 9:51 AM, Eric Burger wrote: I would offer that working groups that say to do something that may or may not hold in foreseen or unforeseen circumstances is most likely working on a protocol that is way too complex and is begging for interoperability problems. What ever happened to building simple, point-solution protocols that followed the hour-glass and end-to-end principles, and then building your complex protocols out of them? On Aug 29, 2011, at 11:11 PM, Keith Moore wrote: On Aug 29, 2011, at 10:44 PM, Eric Burger wrote: I would offer that ANY construction of SHOULD without an UNLESS is a MAY. The essential beauty of SHOULD is that it gets specification writers and working groups out of the all-too-common rathole of trying to anticipate and nail down every exceptional case. Keith ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On Aug 30, 2011, at 9:24 AM, Marshall Eubanks wrote: I support adding the SHOULD ... UNLESS formalism (although maybe it should be MUST... UNLESS). It would be useful as there will be times where the UNLESS can be specified and has been given due consideration at the time of writing. That, however, will not always be the case. (More inline). How would SHOULD...UNLESS or MUST...UNLESS differ from using the current 2119 definitions and just writing SHOULD...unless or MUST ... unless? Personally I think 2119 is just fine and doesn't need to be updated. Keith ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
This sentiment mostly makes sense. If an endpoint expects SHOULD/MAY items implemented as MUSTs on the remote end, then one should slap the endpoint developer silly. Read the RFC! If it says SHOULD/MAY, then your implementation MUST be able to handle the feature present *and* absent. Note that every SHOULD/MAY in a specification introduces cyclomatic complexity. Every SHOULD/MAY results in at least one if statement, to test the presence or absence of the feature in the remote end. Protocols will be much simpler to implement. Moreover, given the results in the software engineering literature that indicate latent defects appear super-linearly with cyclomatic complexity, protocols without (or a minimum) of SHOULD/MAY features will have fewer defects in the field. Remember, we are working on Internet protocols, where a one-in-a-million corner case happens many times per day. On Aug 30, 2011, at 4:00 AM, HLS wrote: On 8/30/11, Murray S. Kucherawy m...@cloudmark.com wrote: Mark Nottingham: 1) I agree that the SHOULD... UNLESS pattern ought be documented. I had never thought of this before. I kind of like the idea, especially since SHOULD has always meant MUST unless you really know what you're doing Such an odd reading. Does it mean you MUST because you could not handle it otherwise? It takes two to tango. One side reasons can be different than the other. If a software breaks down because it read SHOULD as a MUST and expected the other end will also view is a MUST, then it didn't know what it was doing. Things break down. Implementors on either side can't depend on it and need to function in lieu of it. There is always the possibility one decided Na, not needed, not worth the cost. Its not required. etc, and no one should die because of that decision. I think it MUST be noted that a Minimum Implementation for a protocol is all anyone can expect. If a SHOULD item is among the listed minimum requirements, it MUST be removed from the list or changed to a MUST. Maybe the term Minimum Implementation (is part of, is not part of) can be incorporated into each of the key word text. -- hls ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf smime.p7s Description: S/MIME cryptographic signature ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On Aug 30, 2011, at 9:56 AM, Eric Burger wrote: Every SHOULD/MAY results in at least one if statement, to test the presence or absence of the feature in the remote end. false. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
Strictly speaking, you are correct, in that if one interprets SHOULD/MAY as 'not bother', one does not need to check, unless the presence of the remote end doing the feature results in your barfing. However, if one interprets SHOULD/MAY as 'bother', then one most likely needs to check on the capabilities of the far end or handle the varying data elements or protocol states that will or will not happen. On Aug 30, 2011, at 9:58 AM, Keith Moore wrote: On Aug 30, 2011, at 9:56 AM, Eric Burger wrote: Every SHOULD/MAY results in at least one if statement, to test the presence or absence of the feature in the remote end. false. ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf smime.p7s Description: S/MIME cryptographic signature ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 08/30/2011 06:54 AM, Keith Moore wrote: I think you're overgeneralizing. My experience is that judicious use of SHOULD seems to make both protocols and protocol specifications simpler; trying to nail everything down makes them more complex. But using SHOULD does not make the implementation less complex, it simply decreases the complexity for the *author* and increases the probability that two independent implementations will have interoperability problems. As an implementer, I would ban all SHOULD/SHOULD NOT/RECOMMENDED/NOT RECOMMENDED. Keith On Aug 30, 2011, at 9:51 AM, Eric Burger wrote: I would offer that working groups that say to do something that may or may not hold in foreseen or unforeseen circumstances is most likely working on a protocol that is way too complex and is begging for interoperability problems. What ever happened to building simple, point-solution protocols that followed the hour-glass and end-to-end principles, and then building your complex protocols out of them? On Aug 29, 2011, at 11:11 PM, Keith Moore wrote: On Aug 29, 2011, at 10:44 PM, Eric Burger wrote: I would offer that ANY construction of SHOULD without an UNLESS is a MAY. The essential beauty of SHOULD is that it gets specification writers and working groups out of the all-too-common rathole of trying to anticipate and nail down every exceptional case. - -- Marc Petit-Huguenin Personal email: m...@petit-huguenin.org Professional email: petit...@acm.org Blog: http://blog.marc.petit-huguenin.org -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAk5c8DMACgkQ9RoMZyVa61dv/ACfRCGdkyioOtkcLOR5P5AT7EGE y/gAn2LtqRUztE/HJEpTAMuY2eoVrRjp =VFmG -END PGP SIGNATURE- ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On 8/30/11, Keith Moore mo...@network-heretics.com wrote: On Aug 30, 2011, at 9:24 AM, Marshall Eubanks wrote: Personally I think 2119 is just fine and doesn't need to be updated. Keith +1 -- hls ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
Re: 2119bis
On Aug 30, 2011, at 10:13 AM, Eric Burger wrote: On Aug 30, 2011, at 9:58 AM, Keith Moore wrote: On Aug 30, 2011, at 9:56 AM, Eric Burger wrote: Every SHOULD/MAY results in at least one if statement, to test the presence or absence of the feature in the remote end. false. Strictly speaking, you are correct, in that if one interprets SHOULD/MAY as 'not bother', one does not need to check, unless the presence of the remote end doing the feature results in your barfing. However, if one interprets SHOULD/MAY as 'bother', then one most likely needs to check on the capabilities of the far end or handle the varying data elements or protocol states that will or will not happen. SHOULD/MAY is used for many other cases than whether to implement a protocol feature that changes how the protocol works as viewed by its peer. Keith ___ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf