IETF Logo Mail Archive

Re: [Anima] Next steps for the reference document

"Michael Behringer (mbehring)" <mbehring@cisco.com> Thu, 04 June 2015 15:59 UTC

Return-Path: <mbehring@cisco.com>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0074E1A8AE8 for <anima@ietfa.amsl.com>; Thu, 4 Jun 2015 08:59:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -13.529
X-Spam-Level:
X-Spam-Status: No, score=-13.529 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_FONT_FACE_BAD=0.981, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6Ms_OLGcYCQ1 for <anima@ietfa.amsl.com>; Thu, 4 Jun 2015 08:59:27 -0700 (PDT)
Received: from rcdn-iport-7.cisco.com (rcdn-iport-7.cisco.com [173.37.86.78]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 639721A8ADC for <anima@ietf.org>; Thu, 4 Jun 2015 08:59:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=33177; q=dns/txt; s=iport; t=1433433567; x=1434643167; h=from:to:subject:date:message-id:references:in-reply-to: mime-version; bh=TVd7wzg2ARHrTrbVWzw5cPIljElR7xiaLBQs7Oc7vbM=; b=HOJIpEb7PC6po0W6jBplkhp/9vx5dxLvwRK/MYgG21ClX0Jvr7ynkkJ8 jly0dyTyh382EnCOOe+LsnVuzivn/jdQC4Z4xQimNCWBVhaH+indXZd4d CMTr+Sdkm33ciIlJXVRQl7jPL4CT0BscmBmGrAXlTEkl1sGvdp6bCXRWp w=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0D2BgCwdHBV/5tdJa1bgkVLVF4GvVk8gWoZAQmFdwKBOEwBAQEBAQGBC4QiAQEBBAEBASpBBBUCAgEIEQQBAQsWAQYHGwwLFAkIAQEEARIIiCUN20EBAQEBAQEBAQEBAQEBAQEBAQEBAQEXBIs/hCIBCgcBIAUoCgGDF4EWBYtchH+CP4Q8iBeDdZIsERODd2+BAwkXI4EBAQEB
X-IronPort-AV: E=Sophos;i="5.13,553,1427760000"; d="scan'208,217";a="425302845"
Received: from rcdn-core-4.cisco.com ([173.37.93.155]) by rcdn-iport-7.cisco.com with ESMTP; 04 Jun 2015 15:59:25 +0000
Received: from xhc-aln-x12.cisco.com (xhc-aln-x12.cisco.com [173.36.12.86]) by rcdn-core-4.cisco.com (8.14.5/8.14.5) with ESMTP id t54FxPYL017568 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Thu, 4 Jun 2015 15:59:25 GMT
Received: from xmb-rcd-x14.cisco.com ([169.254.4.238]) by xhc-aln-x12.cisco.com ([173.36.12.86]) with mapi id 14.03.0195.001; Thu, 4 Jun 2015 10:59:25 -0500
From: "Michael Behringer (mbehring)" <mbehring@cisco.com>
To: Laurent Ciavaglia <Laurent.Ciavaglia@alcatel-lucent.com>, Anima WG <anima@ietf.org>
Thread-Topic: [Anima] Next steps for the reference document
Thread-Index: AdCeyJnnoO1vHkFQQ5yr85+CL+laOwAN9cwAAAiCoYA=
Date: Thu, 04 Jun 2015 15:59:25 +0000
Message-ID: <3AA7118E69D7CD4BA3ECD5716BAF28DF22FC5803@xmb-rcd-x14.cisco.com>
References: <3AA7118E69D7CD4BA3ECD5716BAF28DF22FC52BD@xmb-rcd-x14.cisco.com> <557066F0.80902@alcatel-lucent.com>
In-Reply-To: <557066F0.80902@alcatel-lucent.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.55.238.141]
Content-Type: multipart/alternative; boundary="_000_3AA7118E69D7CD4BA3ECD5716BAF28DF22FC5803xmbrcdx14ciscoc_"
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/anima/U58TDBeToTLx5fDVqIAU-uNNZhY>
Subject: Re: [Anima] Next steps for the reference document
X-BeenThere: anima@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima>, <mailto:anima-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/anima/>
List-Post: <mailto:anima@ietf.org>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima>, <mailto:anima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Jun 2015 15:59:35 -0000

inline...
From: Laurent Ciavaglia [mailto:Laurent.Ciavaglia@alcatel-lucent.com]
Sent: 04 June 2015 16:56
To: Michael Behringer (mbehring); Anima WG
Subject: Re: [Anima] Next steps for the reference document

Hi Michael,

Thanks for rounding the todo / issue list.

I am ok to contribute on the intent and section 8 - "coordination / conflict resolution" (as per draft-behringer-anima-reference-model-01), and section 9 - "Hybrid Approach with Non-Autonomic Functions".
MB: Thanks for volunteering!
For "constrained" AN nodes, I think they are in scope, but what is the implication for the reference model document? Do we already have some inputs/requirements (e.g. from other WGs or sources) that could enlighten how / to which extent autonomic networks / their functionalities and mechanisms shall (or not) adapt (to such constrained nodes)?
MB: I think we need to work out what is the minimum "useful" autonomic node, and specify what the requirements for those are. Personally I do not think we want to make every smallest sensor fully autonomic. I see three classes:

1)      fully AN capable (what we describe today)

2)      constrained AN capable: This will be a node that for example can be an edge, can use AN functions, but doesn't participate in many functions, only has stub functionality.

3)      non AN capable (according to our definitions here): Those can still implement something "autonomic" in their own understanding of the world, but it may or may not work with what we're doing here.
We need to consider nodes in 1) and 2). For 3) I would argue we'd require some gateway between two different models. None of this is set in stone, it's just my current thinking.

I am not quite sure what you meant by the "management angle"... I assume you are talking about the management/operations of the whole system (as if deployed by e.g. a network operator). if correct, then I think some aspects of lifecycle / phases/ operations should be considered / written in the document. I can contribute to this but would prefer to start with some group discussions to see if we agree on the scope first.
MB: Yes, that's what I had in mind. Thanks for volunteering. :)

A tricky (missing) part might be the relationships among the various component. If judged useful (I think it is especially for ANIMA "outsiders"), it could be in the form of a diagram and/or linked to the (TBC) lifecycle section.
Of course, we shall not seek a ultimate, absolute reference diagram, but at least proposing one can help understanding, as you wrote: "show how all the various drafts, protocols, and discussions in the ANIMA WG fit together".
MB: Yes, we should have such a diagram. Or diagram(s).
Thanks Laurent!
Michael

Thanks, best regards, Laurent.

On 04/06/2015 15:18, Michael Behringer (mbehring) wrote:

Thanks for all who volunteered to participate in the reference doc. While detailed discussions may be between the contributors, the main technical discussions should probably take place on the main list. Here, I summarise my view on what needs to be done in the reference document.



If someone thinks he/she can produce text for the respective sections, please let me / the list know.



The overall goal is to show how all the various drafts, protocols, and discussions in the ANIMA WG fit together.



Points to address:



-       We should have a short section on intent. Explaining ingest of intent, distribution, the nature (on top of what's in RFC7575). That intent is signed, time stamps, etc. Probably pointing back to RFC7575. (Note intent distribution is handled in section 7.3)

-       Do we want to address "constrained" AN nodes, with limited capabilities, here? I think so... We'll need that for AN in constrained environments. This could go into a new section in section 3: "constrained network elements".

-       The masa section needs to be written. The masa will be an optional element. Needs to point to the bootstrap draft, which explains the basics.

-       Naming section needs meat. What names are used for, where it is in the domain cert.

-       Addressing section needs to bring in recent discussions. Needs to include how an ASA uses addressing. per node or per ASA. (I think we concluded per node).

-       Domain certificate template. We should write a section on the AN domain certificate. How the various fields are used.

-       Need to explain sub-domains

-       Section 9 needs to be worked out. This is all about conflict resolution. Maybe we should re-name that section? RFC 7575 already mentions this. Maybe we don't need much more here.

-       trust management: inside a domain, between domain and sub-domain, and between domains. This should become a new section.

-       Need to treat the question of the "out of band" ACP versus the inline ACP. The two models both work, but there are implications, different benefits, drawbacks, etc. This needs to be explained.

-       Routing: In the case of a virtually separate ACP, as in draft-behringer-anima-autonomic-control-plane, we need to also define a routing protocol (thinking of the discussion in homenet, this might be "fun"...)

-       Need considerations for APIs: How can ASAs use the ANI?

-       Need considerations for a data model. What it should cover, scope.

-       We should also describe the management angle

-       Security considerations need to be expanded. Threat analysis needs work; need general security considerations, talk about the PKI and trust model, etc.



Thoughts? Anything missing? Any volunteer for a specific part?



Michael



_______________________________________________

Anima mailing list

Anima@ietf.org<mailto:Anima@ietf.org>

https://www.ietf.org/mailman/listinfo/anima





--

Bien cordialement, Best regards,

Laurent Ciavaglia
Secure Cloud Networking
Bell Labs | Alcatel Lucent

phone: +33 160 402 636
email: laurent.ciavaglia@alcatel-lucent.com<mailto:laurent.ciavaglia@alcatel-lucent.com>
linkedin: laurentciavaglia<http://fr.linkedin.com/in/laurentciavaglia/>
address: Route de Villejust | 91620 Nozay | France

v2.23.0 | Report a Bug | By Email