Re: [Detnet] Yangdoctors last call review of draft-ietf-detnet-yang-14
Don Fedyk <dfedyk@labn.net> Thu, 18 November 2021 21:34 UTC
Return-Path: <dfedyk@labn.net>
X-Original-To: detnet@ietfa.amsl.com
Delivered-To: detnet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 382113A0AAF; Thu, 18 Nov 2021 13:34:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=labn.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Llzttxv_rJ0n; Thu, 18 Nov 2021 13:34:23 -0800 (PST)
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11on2112.outbound.protection.outlook.com [40.107.236.112]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 55F503A0AAE; Thu, 18 Nov 2021 13:34:20 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RX+0AdCpZFMOdkSw3KHZ4aJAzqtL9f7YdTJwiqkT+SBCGhznviwILnMRsvuEIdAJj6N4x7+fmUr1dKSkuME/z3aD2PfYdtndl0+ZkzyA8JrYrDzis0AHIpSTkdg7czFp47Hk+TnEuoAWZVT7BJPn23Xt1+QJzbCiMLK9GmppWUiWzkk0glRvBM37FJ4fbeccANT5R4UlRKBqVJXCS5j/Xr0uDIdPsP5T4NxPYYsqbiyhcVd2iCGCK6B016KP4t2fc6lXohN2y3o29uc8+RJwQ0ex67XQQlxUCwoMyWSiqu+dT7moCjrf0g01cuSkxSslPZfN3JOmd+kEK6kWTyyabg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=kzCwuzynKfycJEsSnyHVJoGOvYIyYPdzhYAGzv3yPGM=; b=Svbo9PzKvAr7OhWCEp7hMESUVgH3SNnzwGgy78oiJCOXXKs6XWOgBOSyIthfh6TsR5QExgrJqaH2MFepkYL0y9t3UMLEplcPEHTKVGsGikPfqkkDFbFTuYTM0rwgc0nYpxC/2Lm6ocLp9rjFla6ZJW5uDWCeWcAulnrnRk3CU5DOsxN046pmglcu0KLU/mkEhOgViY6dsTP9dngjUHgBMo9YuWDEM8+NNBO2yjn4JRHcC+G4nHlqi0CvjKJLTs5DuALmFBMCFMxtLg4Uaokkh/vssPNEAmCDEPiq53H07lRfGiQjcTy07lHBb21b5gou+tM/+kBx9QFGBfmagNzj9g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=labn.net; dmarc=pass action=none header.from=labn.net; dkim=pass header.d=labn.net; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=labn.onmicrosoft.com; s=selector2-labn-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kzCwuzynKfycJEsSnyHVJoGOvYIyYPdzhYAGzv3yPGM=; b=Q6DuNeRb3N540l9AjNpsHO84FefHEFpxun1zs7/8xBMbrecoysB4Wrogg+ymlDSBou/HWMtoNX9E9tq41QVQD0ewG3MzJ9za4BS5e/ciSf01DjP/va7uP7Aiz1Zu8N6/9BE1IAh/tOaumOkKRCRznUB4qYJcTfhhgzyFEcb4zcM=
Received: from MN2PR14MB4030.namprd14.prod.outlook.com (2603:10b6:208:1dc::14) by MN2PR14MB3343.namprd14.prod.outlook.com (2603:10b6:208:1b1::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4690.27; Thu, 18 Nov 2021 21:34:17 +0000
Received: from MN2PR14MB4030.namprd14.prod.outlook.com ([fe80::a056:e6a5:6d4f:26e4]) by MN2PR14MB4030.namprd14.prod.outlook.com ([fe80::a056:e6a5:6d4f:26e4%5]) with mapi id 15.20.4690.028; Thu, 18 Nov 2021 21:34:17 +0000
From: Don Fedyk <dfedyk@labn.net>
To: Xufeng Liu <xufeng.liu.ietf@gmail.com>, "yang-doctors@ietf.org" <yang-doctors@ietf.org>
CC: "detnet@ietf.org" <detnet@ietf.org>, "draft-ietf-detnet-yang.all@ietf.org" <draft-ietf-detnet-yang.all@ietf.org>, "last-call@ietf.org" <last-call@ietf.org>
Thread-Topic: Yangdoctors last call review of draft-ietf-detnet-yang-14
Thread-Index: AQHX1aVVzOJCkt7zEEO2OKLaojNpkKwJ15Kw
Date: Thu, 18 Nov 2021 21:34:17 +0000
Message-ID: <MN2PR14MB4030B1AD9BCBBF90FB1ABF82BB9B9@MN2PR14MB4030.namprd14.prod.outlook.com>
References: <163648840575.19216.561627083204230489@ietfa.amsl.com>
In-Reply-To: <163648840575.19216.561627083204230489@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=labn.net;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: d38d771f-f71d-4376-6d1a-08d9aadb2cae
x-ms-traffictypediagnostic: MN2PR14MB3343:
x-microsoft-antispam-prvs: <MN2PR14MB3343FA6231BE621CE8761BD9BB9B9@MN2PR14MB3343.namprd14.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Y8n60zrQBGvXU1/QUcheiKLQT/cnWywL8NygX9B6a2QrOyDjFqWjhjG5RGQlsozXAiMuzlTE9zdP7KPAKXz1izSFz4o0vwCfHq84TUp/5oS11gROnfmGt6aTr8VwL7l6fWcmbwrerDLQl/BwfnAv5Pl3iSDa6D9A2Wc9TUE2ZvVgJ+6LFTUSsIurRbyrZ9zVoaSlnGR6PoPKBBtHsZw0ANy8iKapdTLR1FWFZ5i4sFw46ZyzQnC8850uSm5rADfUs9vs2xAYhw5FRcJeByEOKnxWRCpTOTQU0qzsjVuaa4qw8pvVCrOBNaPtQ1yZ9w+jDTKfZvxG1UtbJ8PeMbxwJOkWLbWt/ZYuT0/I0IF/2AmrMkwU1JBukT/ushyIItzTa1KCgDIZcma1wxFDEx74fsbITJ5ZFVDdhY2hRUH+oP9PRfk/K+VghfG2jb+x5avOIBfE4fsZDXhJAdnxmkdOAJJDT0wwoY3ujyx49DfgZ6WPSRU6q47YndRHWanVMIa057S6DohpBmtXqDmvVK69BgLKotiG5axbzViLtKunhRi7MjnneoH8hoEqrv7OZPay6Ei+p7W6Y5vZiPJALQvaARzw0WNhGS55D5obDFeB4yavNKpl/gQiAFKom8wkcJH2FdQDEdl7oy10Gz/VbchlJal13GpHt/TZr8yWkITb27CGVJ7Gm/bV0D1uAV3W6rlpAeN8qMfbt+VZ/aZlH1tLzQEG54uzrShYaqKKGEK1YHFAvLGdKETSYwYy/zAgl7GnSyYAdHa5PBO8E57+tXfndMgl7dqaQ/ayEwjMGyQuh5Q=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR14MB4030.namprd14.prod.outlook.com; PTR:; CAT:NONE; SFS:(396003)(366004)(376002)(136003)(346002)(39830400003)(66446008)(4326008)(66556008)(71200400001)(76116006)(26005)(7696005)(66476007)(64756008)(9686003)(83380400001)(86362001)(33656002)(66946007)(122000001)(8936002)(55016002)(316002)(8676002)(38100700002)(6506007)(508600001)(54906003)(53546011)(5660300002)(966005)(38070700005)(52536014)(186003)(110136005)(2906002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: wCrkfiSkgk42OwWVaHAlzQ/uKzVlcdaC2qDQoi5vep2Km2GCHjQqqsSR+MeoneeAzo+CzCbT6cG4Ui8sjaPy6TJdc/YMi8+VLGFySFJerWefDm885b3Wu1i7tCX4rvXPy4hwDCeLSdGChv5b0ZvbIYwiXZsGjwzxV6ztHcts1O+WfMeV19WXG2bGbJh1RxQ2VOHq6rKg014B27Eank5YHwVNualB0bLVbGkzqyqFiHNhWCreWiNY6EtqM2+WRrTIHQu8xOtKh3ezpRRpbFtIkGvOUMeWs3e3Ercb3Wuul5P0duQaG0JQnZl/DeMOXWePIYPflfPAJ7VMADODqffA2JNhy53kgLtfKK5WCDwW1Ky9X6EVui7K7gC//YlIhc21vUapA1SxI56Z9HKpynxgrrO3qhDfSsU2tKbBUgElKd0decFlvi7W1aE+wvR+WWSDf91emdSy5EgYY93jymqB3YhzetdNw3j6xA12rbozvp75m4g/QPDChHoxnTct+RwYToHPgTlI3NEZb7MPMm43r+fKjWfNV2vRqFqYZcH1gB1r4NEkg5g1wgBkFzo8xrz3rNqYkeN0+u0b4KnUEdhXrdSOzPPnEA/Gacwnt88BKZg2KjVSHvZ5ZMc+jEfdym1NLY4mXCCtnT0Wrr9qIzghE6pKynfL2tRDXrLt1jBpmJ5Mrii2v9XdqsFv+uThL00t4nBCbzHv16KTXBIVKgOc49fB7v/xm3ngUCzc/e3uteCoZz3rj5lX/o7wwBfgPtSbXNKwzvrUjIIzeJPdeTZcMchxme3oAw64gsnEf99L5uQzZ0+q+vsgC/xlxXst/7rV9rsFOtR1UoP5arXhhNENAdS8tl1QEm58q0TDM5EpmmbPZyoWf42r/Iqec1KxgMfhN+g2H5ayZyFYMwpt1mLfi4HGSPFTySovvoPcOfbpzPT0Ehg1ezy9x29ASi4J24puLRMkFWI2SsO+j3AzRK+JffNZAdUvEhpyZOOfIco3ArlhwiFsi31oKmaetIIt6yACG7ENk6Lhz8n7OOvf1UNBKFUVlJ/LaV1nr9Hjuq2oT2BpZ7ncTHysNrQYDXpsYfR9Omf1JTu1TecvvXycIXkibdaL2dtbXbpeT1SHtRM/RJkUSlkUu/Pww+bsU+OJsvBGMrqjnA4M82Ym6/6LJMxEDGYNuu7IcmJ1VWzio2k+QbshKqJBQVlEwfTui7Bfu60GjUWH5SMWPb6eRXTpX1cpNYBbCABzdHUJNoCiA/qBvnTJ23PIL+v95WQJao4CZvAsiRdnn/XuM3Cico9JfJfEwHvRVTbhKRodTFUsWTdBaQnx6FKLkA9JAPoq6aZmkYrFLXlxtl/EQJgjnarJt08KF8RoRzYRYr0BzcpgkGyyAXkgBHvMS0fJC0+D8+x308PDd+d4liqxwVH5e7ox6ar+0qtCxevXokWALcGmTU/1BfUOUoz5FLaZmKWmwNR3PpaBvSjIyJ/Exx7a15DHja8duBL7o6UVKzgWou9Dwz9r9qFyeKm0PtEY8ovdG5uJSDi+2KJPQKhZvxOGjSRyYqav6vxm6uKtHUZ70b10PMI2QPq5qJdRfVWCONZCh2adyYQ18MnotQJoueBH/dp+peM3vrc9kCCuPILMHR0yh+w07kQ=
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: labn.net
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MN2PR14MB4030.namprd14.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: d38d771f-f71d-4376-6d1a-08d9aadb2cae
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Nov 2021 21:34:17.2385 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: eb60ac54-2184-4344-9b60-40c8b2b72561
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: dWraDrXM2wMn1Q0ETtQFEcfJOVqY8XlxNG6+om/wPgApyhRi07DT1UHiIcyMD8pcudV0kznudHCN1HodUIa6/g==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR14MB3343
Archived-At: <https://mailarchive.ietf.org/arch/msg/detnet/wL-aaLlK-e1nc8c4ygGTiaSdIsM>
Subject: Re: [Detnet] Yangdoctors last call review of draft-ietf-detnet-yang-14
X-BeenThere: detnet@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions on Deterministic Networking BoF and Proposed WG <detnet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/detnet>, <mailto:detnet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/detnet/>
List-Post: <mailto:detnet@ietf.org>
List-Help: <mailto:detnet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/detnet>, <mailto:detnet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Nov 2021 21:34:28 -0000
Hi Xufeng Thanks, I have updated a preliminary version 15 @ https://github.com/detnet-wg/draft-ietf-detnet-yang. Most updates were straightforward - the security section I think everything is sensitive on write and anything that shows application is sensitive on read. Here is how the section reads now: (Please comment if this is OK). There are a number of data nodes defined in the module that are writable/creatable/deletable (i.e., config true, which is the default). These data nodes may be considered sensitive or vulnerable in some network environments. Write operations (e.g., edit-config) to these data nodes without proper protection can break or incorrectly connect DetNet flows. Since this is a configured Data Plane any changes that are not coordinated with all devices along the path the whole DetNet module is considered vulnerable and should have authorized access only. Similarly, the data nodes in these YANG modules may be considered sensitive or vulnerable in some network environments. It is thus important to control read access (e.g., via get, get-config, or notification) to these data nodes. These are the subtrees and data node and their sensitivity/vulnerability: detnet/app-flows: This controls the application details so it could be considered sensitive. detnet/traffic-profile/member-app: This links traffic profiles to applications. detnet/service/incoming/app-flow: This links applications to services. detnet/service/outgoing/app-flow: This links applications to services. Cheers Don -----Original Message----- From: Xufeng Liu via Datatracker <noreply@ietf.org> Sent: Tuesday, November 9, 2021 3:07 PM To: yang-doctors@ietf.org Cc: detnet@ietf.org; draft-ietf-detnet-yang.all@ietf.org; last-call@ietf.org Subject: Yangdoctors last call review of draft-ietf-detnet-yang-14 Reviewer: Xufeng Liu Review result: Ready with Nits Thanks to authors for addressing the previous review comments. The updates look good. The followings are a few additional nits: 1) In the model, “container flow-spec” has been changed to “container traffic-spec”, but the description has not been updated, shown as below: container traffic-spec { description "Flow-specification specifies how the Source transmits packets for the flow. This is the promise/request of the Source to the network. The network uses this flow specification to allocate resources and adjust queue parameters in network nodes."; 2) Most names of list and leaf-list have been fixes. The following three were missed: “leaf-list member-apps” should be “leaf-list member-app” “leaf-list member-services” should be “leaf-list member-service” “leaf-list member-fwd-sublayers” should be “leaf-list member-fwd-sublayer” 3) Section 10. Security Considerations would need to include a list of “sensitive or vulnerable” nodes. RFC 8349 shows an example. Thanks, - Xufeng
- [Detnet] Yangdoctors last call review of draft-ie… Xufeng Liu via Datatracker
- Re: [Detnet] Yangdoctors last call review of draf… Don Fedyk
- Re: [Detnet] Yangdoctors last call review of draf… Xufeng Liu
- [Detnet] Comments on detnet-yang-15 Re: [Last-Cal… tom petch
- [Detnet] Some more Comments on detnet-yang-15 Re:… tom petch
- Re: [Detnet] Some more Comments on detnet-yang-15… John Grant
- Re: [Detnet] Some more Comments on detnet-yang-15… Don Fedyk
- Re: [Detnet] Comments on detnet-yang-15 Re: [Last… Don Fedyk
- Re: [Detnet] Comments on detnet-yang-15 Re: [Last… tom petch
- Re: [Detnet] Comments on detnet-yang-15 Re: [Last… Don Fedyk
- Re: [Detnet] Comments on detnet-yang-15 Re: [Last… Don Fedyk
- Re: [Detnet] Comments on detnet-yang-15 Re: [Last… tom petch
- Re: [Detnet] Comments on detnet-yang-15 Re: [Last… tom petch
- Re: [Detnet] Comments on detnet-yang-15 Re: [Last… Don Fedyk
- Re: [Detnet] Comments on detnet-yang-15 Re: [Last… tom petch
- Re: [Detnet] Comments on detnet-yang-15 Re: [Last… Don Fedyk