[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: #1415 USEPRO 3.2.1 - Number of path entries per site

To: ietf-usefor@xxxxxxx
Subject: Re: #1415 USEPRO 3.2.1 - Number of path entries per site
From: "Charles Lindsey" <chl@xxxxxxxxxxxxxxxx>
Date: Wed, 14 Feb 2007 12:42:40 GMT
List-archive: <http://www.imc.org/ietf-usefor/mail-archive/>
List-id: <ietf-usefor.imc.org>
List-unsubscribe: <mailto:ietf-usefor-request@imc.org?body=unsubscribe>
Sender: owner-ietf-usefor@xxxxxxxxxxxx
Xref: clerew local.usefor:24402

As Harald has pointed out, this has received no discussion. I won't repeat
my full argument here (see the issue tracker), but will just summarize.

There are two issues, plus some niggles (including #1414 which refers to
the same bit of text).

1. To permit sites to omit path entries which merely reflect their
internal structure without being of any benefit to the world outside. My
suggested rewording of the first paragraph of 3.2.1 was

   Except possibly when relaying to other hosts on the same site, every
   injecting, relaying, or serving agent that accepts an article MUST
   update the Path header field ....

2. The present Steps 4 and 5 of 3.2.1 are just plain wrong.

Since receiving agents are expected to do a MISMATCH check on articles
relayed to them (inserting "!!" or "!.MISMATCH...." accordingly), and only
look at the leftmost <path-identity> when doing that check, it is
essential that the 'true' identity of the site (the ones its downstreams
will be 'expecting') be the last one to be prepended, after prepending any
extra ones (e.g. a <path-nodot> such as 'demon'). However, Steps 4 and 5
currently prepend these things in the wrong order, which could cause
MISMATCH checks to fail.

Note that such "extra" identities are only put there because that site does
not want to receive articles with any of those identities already present
from its upstreams, and for historical reasons it needed more than one
identity for that purpose.

My suggested fix was to replace both those steps by

   4. The agent MUST then prepend one or more <path-identity>s identifying
   itself (as set out in section 3.2) to the Path header field content,
   separated by either "!!" or "!". However, the last (leftmost) such
   <path-identity> so appended MUST be one that is expected by the
   destination site when it in turn comes to apply Step 3 above.

Note. There is some confusion as to whether a "!" belongs to the
identity/diagnostic to its left, or to its right, and the present wording
switches betweeen these two conventions in the middle of Step 4 (and my
revision does the same switch with its "separated by"). So some further
tidying up of the whole wording might be a good idea.

On top of that, my 'either "!!" or "!"' needs further rewording to reflect
the outcome of issue #1414.

And, for my final niggle, please can we have a definition of the term
"expected" which is used at several places in 3.2.1. Essentially, it needs
to reflect whatever the receiving site is using as the "verified" identity
of the sending site (whether derived from the IP address, or from some
earlier SASL authentication, or whatever else). Usepro-06 covered this by
requiring sites to establish such a verified identity, and by then using
the term "verified" rather than "expected".

-- 
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131 Fax: +44 161 436 6133   Web: http://www.cs.man.ac.uk/~chl
Email: chl@xxxxxxxxxxxxxxxx      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5

Follow-Ups:
- Re: #1415 USEPRO 3.2.1 - Number of path entries per site
  - From: Russ Allbery

Prev by Date: Re: #1412 Cancel newsgroups: matching
Next by Date: Re: #1414 USEPRO 3.2.1: delimiter for multiple Path identities
Previous by thread: Re: #1412 Cancel newsgroups: matching
Next by thread: Re: #1415 USEPRO 3.2.1 - Number of path entries per site
Index(es):
- Date
- Thread