Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2nsf-sdn-ipsec-flow-protection-04

"Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com> Sat, 11 May 2019 13:59 UTC

Return-Path: <jaehoon.paul@gmail.com>
X-Original-To: i2nsf@ietfa.amsl.com
Delivered-To: i2nsf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 20BFC1200B7 for <i2nsf@ietfa.amsl.com>; Sat, 11 May 2019 06:59:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.989
X-Spam-Level:
X-Spam-Status: No, score=-1.989 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_HK_NAME_FM_MR_MRS=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oUaT_8BCysLu for <i2nsf@ietfa.amsl.com>; Sat, 11 May 2019 06:59:54 -0700 (PDT)
Received: from mail-wr1-x435.google.com (mail-wr1-x435.google.com [IPv6:2a00:1450:4864:20::435]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4C94C120026 for <i2nsf@ietf.org>; Sat, 11 May 2019 06:59:54 -0700 (PDT)
Received: by mail-wr1-x435.google.com with SMTP id w12so10651310wrp.2 for <i2nsf@ietf.org>; Sat, 11 May 2019 06:59:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=fRj71Pj+6AF/XZUi6QTzSKYATzfg7JD+IMVMRUwRp4s=; b=dvJ2ngoaZdf9va/8E349a/QGGlR8kaIdape1jVTBT6A9FNRE9pGngm2NMRr7zytK+b FLkLogmwrcq4zrnmY22Uxor3PBSBQ5cHWBaK35doAxNtYVX03lH1h+jecJxHui45mhB/ Zny1T5VXBp3Ix4aB4uimhlKJEBINgTFK7mP9Ea7595NIeupsqr+6Fgg2j0g31OFrtXfp hc6XyC8ivJMbUOb3cyNN01ig0f7+Upl/eTUJexA9kXGjijH6h2/Gbs8EYKFQwv9urVVy kwOArWW7yIXJCulhsSjzr34UrueHQJEXuF7oM4ecpRbgF3IWMqaDhRn3Xl64XKfS9t+N TFlw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=fRj71Pj+6AF/XZUi6QTzSKYATzfg7JD+IMVMRUwRp4s=; b=FbZt2D9LR/4iRzxlSHiIiPapBMjUCDBBCMFXJsih1dsbUm0lIkrWOqsrx4iGNkxjML SQfeUFtTuz7S+sG3WvyjCfO3w7NBLoL0rR6XvIZsleDqtoeetpP0Pt7JNlhxs1X9y04o hbGsO4rwRx21QZfBMHOuId1p/6Rsmnc8TwmUTOFy/hju9vfsmTW/VeSkcL6J0TF17QLV 2p75lHD76rT76PMYujHN9B/uJOnfKRJF7OIG1wF2eBmSEyTCu7tSeYP1olHQtAICy1uJ tAHpUEM4zmKeDldLlFeKZG4L3yL9QeVNMJ+QM7r1gu0TnOslhgP/Vc53+ztJ12RUvLyJ Q1OQ==
X-Gm-Message-State: APjAAAUflMEjieXyQHoLlaIfvbIc4JfsqhT87kn3VKpchL6/Hu4Qny1Z aY8EjbvwSKtZMvYSfiUUJo1YdNT419q3cQOXTjU=
X-Google-Smtp-Source: APXvYqxcgsPG9uPBDKrqjrGL//ADBX7ewLqquu1wCDreqtKuNqm2hyHPtDRIwDwwiOCSKlKS7Zr6T+G/+QcTQVaghMg=
X-Received: by 2002:a5d:4cd0:: with SMTP id c16mr4902744wrt.20.1557583192565; Sat, 11 May 2019 06:59:52 -0700 (PDT)
MIME-Version: 1.0
References: <4A95BA014132FF49AE685FAB4B9F17F66B3869DE@sjceml521-mbs.china.huawei.com> <CAPK2DeyWU8gyQd+cEMg3bef-CybJvVRr1eF2br1h-LPAy34=Xw@mail.gmail.com> <40D323E6-AEFD-47AF-9E81-F5B55D7D7E14@um.es> <CAPK2DeyG2zd-8qjYEzKXGDUEj_zW=X6X2qL63Zd159y9VZJmTg@mail.gmail.com> <867C4A23-0335-4B5A-8FB2-430FBF77E990@um.es>
In-Reply-To: <867C4A23-0335-4B5A-8FB2-430FBF77E990@um.es>
From: "Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com>
Date: Sat, 11 May 2019 22:59:09 +0900
Message-ID: <CAPK2DexPHcX6HdNeZE_pBTUeFXw3dOQmV1B=spOJ6EAPOTzuMg@mail.gmail.com>
To: Gabriel Lopez <gabilm@um.es>
Cc: Rafa Marin Lopez <rafa@um.es>, =?UTF-8?B?RmVybmFuZG8gUGVyZcOxw61ndWV6IEdhcmPDrWE=?= <fernando.pereniguez@cud.upct.es>, Linda Dunbar <linda.dunbar@huawei.com>, Yoav Nir <ynir.ietf@gmail.com>, "i2nsf@ietf.org" <i2nsf@ietf.org>, skku_secu-brain_all@googlegroups.com, "Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com>
Content-Type: multipart/alternative; boundary="000000000000e6add705889d186a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2nsf/4QzwpR2FzC7FGYMwYUtFplBbJpo>
Subject: Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2nsf-sdn-ipsec-flow-protection-04
X-BeenThere: i2nsf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "*I2NSF: Interface to Network Security Functions mailing list*" <i2nsf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2nsf/>
List-Post: <mailto:i2nsf@ietf.org>
List-Help: <mailto:i2nsf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 11 May 2019 13:59:57 -0000

Hi Gabriel,
Yes, I think the current ipsec-ietf-ike and ipsec-ietf-ikeless without
change will be fine to our I2NSF interfaces
after I discuss with my student, Jinyong.

Our Registration Interface with capability data model will register into
Security Controller
whether an NSF can support ipsec or not, and also in the case of the
support of ipsec
whether an NSF can support ike or ikeless.

The NSF-Facing will do the same thing for an NSF rather than the actual
configuration of ipsec stuff.
I assume that the detailed ipsec configuration will be done by your ipsec
modules.

Thanks.

Best Regards,
Paul

On Fri, May 10, 2019 at 5:37 PM Gabriel Lopez <gabilm@um.es>; wrote:

> Hi Paul.
>
> The ipsec-ietf-ike and ipsec-ietf-ikeless modules are standalone modules
> that can be used in the facing interface. We do not understand why do you
> need to include them in the nsf-facing interface data model.
>
> The idea of having a data model with all the security services a nfs can
> support is not practical and can turns into a huge complex model. Do you
> have in mind to include also configuration groupings for TLS, SSH, IDS,
> ACLs, etc.?
>
> Best regards, Gabi.
>
> El 9 may 2019, a las 23:09, Mr. Jaehoon Paul Jeong <jaehoon.paul@gmail.com>;
> escribió:
>
> Hi Gabriel,
> we need to make ipsec-ike and ipsec-ikeless be grouping type so that your
> ipsec module can be imported by our data modules for two ipsec cases.
> The container type cannot be imported by other data modules.
>
> Thanks.
>
> Best Regards,
> Paul
>
>
>
> 2019년 5월 10일 (금) 오전 1:43, Gabriel Lopez <gabilm@um.es>님이 작성:
>
>> Hi Paul.
>>
>> Could you explain what is the purpose of this change?
>>
>> Best regards, Gabi.
>>
>> El 9 may 2019, a las 16:02, Mr. Jaehoon Paul Jeong <
>> jaehoon.paul@gmail.com>; escribió:
>>
>> Hi Authors: Rafa, Gabriel, and Fernando,
>>
>> I have a request to let your authors revise i2nsf ipsec draft
>> (draft-ietf-i2nsf-sdn-ipsec-flow-protection-04)
>> in order to conform to our i2nsf interface data models.
>> For your YANG data module to be used in our NSF-Facing Interface data
>> model through import,
>> your YANG data module needs some modification as follows.
>>
>> ########### Original Code #############
>> container ikev2 {
>>    ....
>> }
>>
>> container ietf-ipsec {
>>    ....
>> }
>>
>> ########### Modified Code #############
>>
>> grouping ipsec-ike {
>>    ...
>> }
>>
>> grouping ipsec-ikeless {
>>    ...
>> }
>>
>> container ikev2 {
>>  description "Configure the IKEv2 software";
>>  uses ipsec-ike;
>> }
>>
>> container ietf-ipsec {
>>  description "IPsec configuration";
>>  uses ipsec-ikeless;
>> }
>>
>> With your modification, my SKKU team will modify our YANG data models
>> to accommodate your ipsec data model.
>>
>> If you have any questions, please let me know.
>>
>> Thank you.
>>
>> Best Regards,
>> Paul
>>
>> On Wed, Apr 17, 2019 at 11:54 PM Linda Dunbar <linda.dunbar@huawei.com>;
>> wrote:
>>
>>> Hello Working Group,
>>>
>>>
>>>
>>> This email starts a four weeks Working Group Last Call on
>>> draft-ietf-i2nsf-sdn-ipsec-flow-protection-04.
>>>
>>> This poll runs until May 15, 2019.
>>>
>>>
>>>
>>> Authors: please update the draft per the comments and suggestions from
>>> YANG Doctors.
>>>
>>>
>>>
>>> We are also polling for knowledge of any undisclosed IPR that applies to
>>> this Document, to ensure that IPR has been disclosed in compliance with
>>> IETF IPR rules (see RFCs 3979, 4879, 3669 and 5378 for more details).
>>>
>>> If you are listed as an Author or a Contributor of this Document please
>>> respond to this email and indicate whether or not you are aware of any
>>> relevant undisclosed IPR. The Document won't progress without answers from
>>> all the Authors and Contributors.
>>>
>>>
>>>
>>> If you are not listed as an Author or a Contributor, then please
>>> explicitly respond only if you are aware of any IPR that has not yet been
>>> disclosed in conformance with IETF rules.
>>>
>>>
>>>
>>>
>>>
>>> Thank you.
>>>
>>>
>>>
>>> Yoav & Linda
>>> _______________________________________________
>>> I2nsf mailing list
>>> I2nsf@ietf.org
>>> https://www.ietf.org/mailman/listinfo/i2nsf
>>>
>>
>>
>> --
>> ===========================
>> Mr. Jaehoon (Paul) Jeong, Ph.D.
>> Associate Professor
>> Department of Software
>> Sungkyunkwan University
>> Office: +82-31-299-4957
>> Email: jaehoon.paul@gmail.com, pauljeong@skku.edu
>> Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php
>> <http://cpslab.skku.edu/people-jaehoon-jeong.php>
>>
>>
>> -----------------------------------------------------------
>> Gabriel López Millán
>> Departamento de Ingeniería de la Información y las Comunicaciones
>> University of Murcia
>> Spain
>> Tel: +34 868888504
>> Fax: +34 868884151
>> email: gabilm@um.es <gabilm@um.es>;
>>
>>
> -----------------------------------------------------------
> Gabriel López Millán
> Departamento de Ingeniería de la Información y las Comunicaciones
> University of Murcia
> Spain
> Tel: +34 868888504
> Fax: +34 868884151
> email: gabilm@um.es <gabilm@um.es>;
>
>
>
>

-- 
===========================
Mr. Jaehoon (Paul) Jeong, Ph.D.
Associate Professor
Department of Software
Sungkyunkwan University
Office: +82-31-299-4957
Email: jaehoon.paul@gmail.com, pauljeong@skku.edu
Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php
<http://cpslab.skku.edu/people-jaehoon-jeong.php>