IETF Logo Mail Archive

Re: [core] CoMI Cool draft splits

Andy Bierman <andy@yumaworks.com> Thu, 19 November 2015 16:28 UTC

Return-Path: <andy@yumaworks.com>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 528CA1B2C5E for <core@ietfa.amsl.com>; Thu, 19 Nov 2015 08:28:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.278
X-Spam-Level:
X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3mm3hjtMu5rG for <core@ietfa.amsl.com>; Thu, 19 Nov 2015 08:28:47 -0800 (PST)
Received: from mail-lb0-x22c.google.com (mail-lb0-x22c.google.com [IPv6:2a00:1450:4010:c04::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C96C31A6FE0 for <core@ietf.org>; Thu, 19 Nov 2015 08:19:50 -0800 (PST)
Received: by lbbcs9 with SMTP id cs9so46553384lbb.1 for <core@ietf.org>; Thu, 19 Nov 2015 08:19:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yumaworks-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=Fo45V+r22sEwlq8OjIGDbA3vIGtioMhFL0bbaX4uAoI=; b=x+4ALNErpHsr2Gm7KJipN0pZ+y8s9b3EC9sf2dcYNht17oIz5hTiiN2YxqXFRcwgtN qmwkSTxjxhLUQQbQwUqWegjUwudvYhzPu9ZAz0k3JXsQpW6UdShxRtOfgfPedTzEEYaX bpufEJm2JuAc65H/5Ssa/V8NsAH6NxRzVxY9f88Qse3s8FOHBGL/DPzcezCh7SalEe5e MGOX9d3abLa5rG9fiN9biwhUOAFgBW0Yb0fM0qVpWLjmb3b1LQF7C9cg0M1InzS92CsZ 6IxQaqonrTwXn99IhSLaeToCl3uroMsFSAPmX5nNciuRd7MJz9t+ycSlB61YqRBXpnFm rc/w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=Fo45V+r22sEwlq8OjIGDbA3vIGtioMhFL0bbaX4uAoI=; b=hQMGkANCp2qelpsupggOaOa+YqWX4o5ySibqzw8MYLQJA1nWz0vjz1hFx9wFANjO4M 0cyBjPhy09CsZflv2IpAAPTbCTYEu9ZOnh50MR21UVxQP5m4nrz9zA8O0pi0c79stIZz rybna4JiWLlj8iiQD6lCTOrfv2OfENrHXjSchMhViSlKvEryvMtTmBAoP/OGT14wpoz1 K+8TKdwFhw49m4hePHlmi482F1HzFsM5/M5E+HVO+Bcik2gORJ5jZmHx2xevSFt04yS1 HvjdXa/Os7yiMhmfnoFsp+4JOnuNlfHf4V894DKxTPf330xuGF8dhxJ5+v/Qi/hqoWBE tYxQ==
X-Gm-Message-State: ALoCoQkrqfqD0bLifoEuOmLuOjcLvWPrNEfrjTSm4eC364pmAUAiHusVtokKAnOgHURdEIlfHnVW
MIME-Version: 1.0
X-Received: by 10.112.140.197 with SMTP id ri5mr3705942lbb.65.1447949988769; Thu, 19 Nov 2015 08:19:48 -0800 (PST)
Received: by 10.112.144.106 with HTTP; Thu, 19 Nov 2015 08:19:48 -0800 (PST)
In-Reply-To: <0E9A48AB39AF3547ACD28A6DE3E2906A0F1ACE72@ATBRAGMSX02.itiso.net>
References: <0559fa310f26530d1c1e89c1ed64b7aa@xs4all.nl> <BN1PR04MB424BAAB4D9E771D891BD06F921D0@BN1PR04MB424.namprd04.prod.outlook.com> <CABCOCHQ8QQArhVUVT4FkYOYnYny4osGMeY4F6jvNjZ0v9Pa3bg@mail.gmail.com> <cf7b132ec85a3781bf4e3a28cda4cb97@xs4all.nl> <0E9A48AB39AF3547ACD28A6DE3E2906A0F1AC492@ATBRAGMSX02.itiso.net> <CABCOCHROWZtR3jZ431ZK_rxZR-giAr9qzGcANzYSD-a85dSyHQ@mail.gmail.com> <0E9A48AB39AF3547ACD28A6DE3E2906A0F1ACE72@ATBRAGMSX02.itiso.net>
Date: Thu, 19 Nov 2015 08:19:48 -0800
Message-ID: <CABCOCHTQ6h6zAzL+OyrMT_xKcOzk1=Z7DtaSniQTO2PTOuDW9w@mail.gmail.com>
From: Andy Bierman <andy@yumaworks.com>
To: Somaraju Abhinav <abhinav.somaraju@tridonic.com>
Content-Type: multipart/alternative; boundary="001a11c25b46bbccc00524e720b1"
Archived-At: <http://mailarchive.ietf.org/arch/msg/core/Rqvhv0-BDm6imMUcbNmFN0RMwIM>
Cc: Core <core@ietf.org>
Subject: Re: [core] CoMI Cool draft splits
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Nov 2015 16:28:53 -0000

On Thu, Nov 19, 2015 at 2:06 AM, Somaraju Abhinav <
abhinav.somaraju@tridonic.com> wrote:

> Hi Andy,
> please see inline for comments.
> ------------------------------
> *From:* Andy Bierman [andy@yumaworks.com]
> *Sent:* Wednesday, November 18, 2015 5:32 PM
> *To:* Somaraju Abhinav
> *Cc:* consultancy@vanderstok.org; Core
> *Subject:* Re: [core] CoMI Cool draft splits
>
>
>
> On Wed, Nov 18, 2015 at 12:31 AM, Somaraju Abhinav <
> abhinav.somaraju@tridonic.com> wrote:
>
>> Hi Peter,
>> I like your proposal of starting with the four drafts. Just a few comments
>>
>> - Before working through iv) function set, I think it makes a little bit
>> of time working out what use cases we want to support. In particular, I
>> think we should decide if we are only going to address Netconf/Restconf
>> support or if we expect to support Yang application layer module
>> management. In my opinion, in constrained networks we will not support two
>> management protocols one for networking and one for application layer.
>> Therefore, we should support both in the function set.
>>
>>
> We don't know this term "YANG application layer module management" in the
> NETMOD WG.
> The semantics of the YANG module can be anything.  The same language is
> used for devices
> and controllers, as well as application and server code generation by many
> tools.
> [AS] Agreed. But we understanding this explains what function set we want
> to support. One example was the argument to include RPC/operations. I think
> CoMI currently does not support RPCs because the need to do so was not
> clear from a network management point of view. However, for applications, I
> can provide clear reasons to do so. Same thing for "actions" from the Yang
> 1.1 draft.
>



I think the term "constrained" is not widely agreed upon in the IETF.
Why not just use RESTCONF and not bother with CoMI?
At some point, the value of re-inventing everything becomes unclear.



>
>> - Access control. I think for iv) function set, we should also think
>> about how access control is going to work while we look at the function
>> set. I don't know if this is a separate draft in a different WG (e.g. ACE).
>> But from the perspective of being able to use a device management protocol,
>> unless we also get interoperability for access control/security mechanisms,
>> the drafts will not be usable in the field.
>>
>
>
> Would this be a replacement for NACM, which is how authorization is handled
> for YANG data.
> [AS] Yes. I think CoMI/CoOL should recommend something similar to NACM.
> Whether it is based on NACM or something new that is coming from ACE/COSE
> is up for discussion. This also relates to the previous point about use
> cases. Will we also use the same access control methods also for
> application layer CoAP resources?
>
>
We plan to just use NACM to configure what a client is authorized to access
wrt/ management data and operations.  Again, how much value is there
in reinventing stuff?  E.g., CooL copies ietf-yang-library inline just to
change
a string to a number. Same thing with ietf-yang-patch. IMO the savings from
using CBOR
are good enough.  If the data models and protocol operations are altered,
then supporting
CoMI is a separate development effort for every data model.  This does not
scale well.
I prefer to use the same code but with more efficient plumbing down in the
transport.





>
>> - Regarding Versions of YANG modules: I do not understand why we need
>> consistent numbering when a module version gets upgraded. As Rodney already
>> mentioned, we can not assume that new versions of a module are supersets of
>> old versions. I think it is also important to keep using the automated
>> numbering scheme as far as possible. So, my questions is the following: do
>> we need data node IDs consistent across versions of YANG modules.
>>
>>
>
> YANG is just like SMIv2 wrt/ permanent identifiers.
> [AS] I did not realise that all YANG modules MUST have permanent module
> identifiers. Could you please point me to the right reference where I can
> read about this? Anyways, the permanent identifiers need not be the same as
> the identifiers that should be used withing the API to access the modules
> themselves (i.e the identifiers used withing CoOL to access data).
> Therefore, my questions still stays the same, do data node IDs need to be
> the same across multiple versions of the same module.
>



Look at section 10 in RFC 6020.
This describes what is allowed to change in a new revision of a module.
Notice how "rename object" is not in the list?  Sec. 10 is normative.
YANG modules that do not follow these rules are invalid modules.

Stable identifiers are useful because old clients can continue to
work with new servers.  YANG allows old data to be extended with
optional nodes.  A new set of identifiers per revision requires
the clients to store all versions of each identifier in order to
maintain backward compatibility with old servers.


Andy



>
> Once an ID is assigned it is never removed.
> The 'status' statement is used to manage lifecycle issues like obsolete
> objects.
> So you can assume revision N+1 is a superset of N (at least for the purpose
> of object identification).
>
> When a module is updated in the server, we usually attempt to minimize the
> change
> such that existing client code will continue to work without an upgrade.
> This is how YANG Hash works.  If the Cool numbers are version-specific,
> then
> a client needs to store multiple sets of IDs to work with each version,
> and also
> needs to be updated anytime a server it manages is updated.
>
>
> Abhinav
>>
>
> Andy
>
>
>>
>> ________________________________________
>> From: core [core-bounces@ietf.org] on behalf of peter van der Stok [
>> stokcons@xs4all.nl]
>> Sent: Wednesday, November 18, 2015 8:27 AM
>> To: Andy Bierman
>> Cc: Core
>> Subject: Re: [core] CoMI Cool draft splits
>>
>> >
>> > I think the YANG Hash draft should be separate from the protocol.
>> > We want to use it with RESTCONF, as well as the YANG/CBOR encoding.
>> >
>>
>> I agree with Andy here.
>> Although I sympathize with Rodney, that once the four drafts are
>> reality, the WG should decide about adoption and a recombination of
>> documents.
>>
>> Peter
>>
>> _______________________________________________
>> core mailing list
>> core@ietf.org
>> https://www.ietf.org/mailman/listinfo/core
>> ________________________________________________________ The contents of
>> this e-mail and any attachments are confidential to the intended recipient.
>> They may not be disclosed to or used by or copied in any way by anyone
>> other than the intended recipient. If this e-mail is received in error,
>> please immediately notify the sender and delete the e-mail and attached
>> documents. Please note that neither the sender nor the sender's company
>> accept any responsibility for viruses and it is your responsibility to scan
>> or otherwise check this e-mail and any attachments.
>>
>
> ________________________________________________________ The contents of
> this e-mail and any attachments are confidential to the intended recipient.
> They may not be disclosed to or used by or copied in any way by anyone
> other than the intended recipient. If this e-mail is received in error,
> please immediately notify the sender and delete the e-mail and attached
> documents. Please note that neither the sender nor the sender's company
> accept any responsibility for viruses and it is your responsibility to scan
> or otherwise check this e-mail and any attachments.
>

v2.23.0 | Report a Bug | By Email