Content deleted Content added
identify as tragedy of the commons and link to collective action problem |
→Prevention and remediation: mention chaos engineering as related to greasing |
||
Line 28:
The [[Internet Architecture Board]] recommended in 2019 that implicit signals to observers should be replaced with signals deliberately intended for the consumption of those observers, and signals not intended for their consumption should be not be available to them (e.g., by encryption); and also that the protocol metadata should be [[message authentication|integrity protected]] so that it cannot be modified by middleboxes.{{sfn|Hardie|2019|p=7-8}} However, even fully encrypted metadata may not entirely prevent ossification in the network, as the wire image of a protocol can still show patterns that come to be relied upon.{{sfn|Fairhurst|Perkins|2021|loc=7. Conclusions}} Network operators use metadata for a variety of benign management purposes,{{sfn|Fairhurst|Perkins|2021|loc=2. Current Uses of Transport Headers within the Network}} and Internet research is also informed by data gathered from protocol metadata;{{sfn|Fairhurst|Perkins|2021|loc=3. Research, Development, and Deployment}} a protocol's designer must balance ossification resistance against observability for operational or research needs.{{sfn|Fairhurst|Perkins|2021|loc=7. Conclusions}}
Active use of extension points is required if they are not to ossify.{{sfn|Thomson|Pauly|2021|loc=3. Active Use}} Reducing the number of extension points, documenting invariants that protocol participants can rely on as opposed to incidental details that must not be relied upon, and prompt detection of issues in deployed systems can assist in ensuring active use.{{sfn|Thomson|Pauly|2021|loc=4. Complementary Techniques}} However, even active use may only exercise a narrow portion of the protocol and ossification can still occur in the parts that remain invariant in practice despite theoretical variability.{{sfn|Thomson|Pauly|2021|loc=3.1. Dependency Is Better}}{{sfn|Trammell|Kuehlewind|2019|p=7}} 'Greasing' an extension point, where some implementations indicate support for non-existent extensions, can ensure that actually-existent-but-unrecognised extensions are tolerated (cf. [[chaos engineering]]).{{sfn|Thomson|Pauly|2021|loc=3.3. Falsifying Active Use}} [[HTTP headers]] are an example of an extension point that has successfully avoided significant ossification, as participants will generally ignore unrecognised headers.{{sfn|Thomson|Pauly|2021|loc=3.4. Examples of Active Use}}
A new protocol may be designed to mimic the wire image of an existing ossified protocol;{{sfn|Papastergiou|Fairhurst|Ros|Brunstrom|2017|p=623}} alternatively, a new protocol may be to [[encapsulation (networking)|encapsulated]] within an existing, tolerated protocol. A disadvantage of encapsulation is that there is typically overhead and redundant work (e.g., outer checksums made redundant by inner integrity checks).{{sfn|Papastergiou|Fairhurst|Ros|Brunstrom|2017|p=623-4}}
| |||