Re: [I2nsf] WGLC for draft-ietf-i2nsf-registration-dm-17

Linda <dunbar.ll@gmail.com> Mon, 05 September 2022 15:22 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/i2nsf/65yJy-L49HuAzOgAD0bMcq83Og4>

Will update the shepherd write-up next week and submit to the IESG. Sorry for the delay.
Linda
Sent from my iPhone

> On Sep 5, 2022, at 4:59 AM, Mr. Jaehoon Paul Jeong <jaehoon.paul@gmail.com> wrote:
> 
> 
> Hi Qin,
> Patrick and I will work on the revision of the Registration Interface Draft with your comments.
> 
> Thanks for your constructive comments.
> 
> Best Regards,
> Paul
> 
> On Mon, Sep 5, 2022 at 3:59 PM, Qin Wu <bill.wu@huawei.com> wrote:
>> Hi, Paul:
>> 
>> Thanks for the update. I am still struggling with the relation between the capability model and the registration interface model.
>> 
>> First, the registration interface model imports ietf-i2nsf-capability and reuses some groupings defined in ietf-i2nsf-capability; this is not an augmented model from ietf-i2nsf-capability. It is a new model which uses some building blocks in some other existing models.
>> 
>> An augmented model should augment ietf-i2nsf-capability with additional data nodes, e.g., here is the IPv4 unicast routing management model, which is augmented from ietf-routing:
>>      augment "/rt:routing-state/rt:ribs/rt:rib/rt:routes/rt:route" {
>>        when "derived-from-or-self(../../rt:address-family, "
>>           + "'v4ur:ipv4-unicast')" {
>>          description
>>            "This augment is valid only for IPv4 unicast.";
>>        }
>> This gives you a sense of what an augmented model looks like.
>> 
>> Second, can the ietf-i2nsf-capability module be used independently from the ietf-i2nsf-registration-interface module? Is ietf-i2nsf-capability used in the same registration interface as the ietf-i2nsf-registration-interface module?
>> 
>> Third, I re-read Section 4 of draft-ietf-i2nsf-registration-interface-dm; it said:
>> “
>> 
>>    The I2NSF registration interface is used by Security Controller and
>>    Developer's Management System (DMS) in I2NSF framework.  The
>>    following summarizes the operations done through the registration
>>    interface:
>>  
>>    1)  DMS registers NSFs and their capabilities to Security Controller
>>        via the registration interface.  DMS also uses the registration
>>        interface to update the capabilities of the NSFs registered
>>        previously.
>>  
>>    2)  In case that Security Controller fails to find some required
>>        capabilities from any registered NSF that can provide, Security
>>        Controller queries DMS about NSF(s) having the required
>>        capabilities via the registration interface.
>> ”
>> 
>> I feel this registration interface is designed only for administrators to register NSF capability. In case the Security Controller fails to find some required
>> capabilities from any registered NSF that can provide them, it can also auto-detect the required capabilities by itself from the NSF; therefore, simply defining a query RPC
>> to query capabilities from the DMS seems not sufficient, unless you explicitly rule this auto-detection out from this document.
>>  
>> -Qin
>> From: Mr. Jaehoon Paul Jeong [mailto:jaehoon.paul@gmail.com]
>> Sent: August 31, 2022 19:14
>> To: Qin Wu <bill.wu@huawei.com>
>> Cc: i2nsf@ietf.org; Roman Danyliw <rdd@cert.org>; Linda Dunbar <linda.dunbar@futurewei.com>; Patrick Lingga <patricklink888@gmail.com>; skku-iotlab-members <skku-iotlab-members@googlegroups.com>; Mr. Jaehoon Paul Jeong <jaehoon.paul@gmail.com>
>> Subject: Re: [I2nsf] WGLC for draft-ietf-i2nsf-registration-dm-17
>> 
>> Hi Qin,
>> 
>> Here is the revision reflecting your detailed comments on the I2NSF Registration Interface:
>> 
>> https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-registration-interface-dm-20
>> 
>> Patrick and I have revised this draft along with the attached revision letter.
>> 
>> Could you confirm whether this revision looks good to you or not?
>> 
>> Thanks.
>> 
>> Best Regards,
>> Paul
>> 
>> On Wed, Aug 24, 2022 at 6:42 PM Qin Wu <bill.wu@huawei.com> wrote:
>> 
>> Hi, Paul:
>> 
>> Thank you for inviting me to review this draft.
>> 
>> I am a little confused about the relation of this draft with draft-ietf-i2nsf-capability-data-model.
>> 
>> See quoted text in draft-ietf-i2nsf-capability-data-model:
>> 
>> “
>>    This document provides an information model and the corresponding
>>    YANG data model [RFC6020][RFC7950] that defines the capabilities of
>>    NSFs to centrally manage the capabilities of those NSFs.  The NSFs
>>    can register their own capabilities into a Network Operator
>>    Management (Mgmt) System (i.e., Security Controller) with this YANG
>>    data model through the registration interface [RFC8329].
>> ”
>> 
>> And quoted text in draft-ietf-i2nsf-registration-dm:
>> 
>> “
>>    This document describes an information model (see Section 4) and a
>>    YANG [RFC7950] data model (see Section 5) for the I2NSF Registration
>>    Interface [RFC8329] between the security controller and the
>>    developer's management system (DMS) to support NSF capability
>>    registration and query via the registration interface.
>> ”
>> 
>> I am wondering which YANG data model is exchanged in the registration interface.
>> 
>> Shouldn’t the YANG data model defined in draft-ietf-i2nsf-registration-dm augment the YANG model defined in draft-ietf-i2nsf-capability-data-model?
>> 
>> In addition, I think the registration interface seems not to be a mandatory interface; the security controller in some other cases can learn capability from NFV orchestrators, or an NSF can expose dynamic capability to the security controller.
>> 
>> Besides registering NSFs, I am wondering what other data or information can be registered. I assume there is a lot. Therefore I would suggest limiting the scope of this registration interface to focus only on NSF capability registration. The title should reflect this.
>> 
>> For data model and information model definition, I think you should refer to RFC3444.
>> 
>> For NSF access information, I am wondering whether the management protocol should also be part of the access information.
>> 
>> Regarding performance capability, I assume it is related to software or hardware, or firmware specification; naming it as performance capability seems confusing to me.
>> 
>> -Qin
>> 
>> ---------- Forwarded message ----------
>> From: Linda Dunbar <linda.dunbar@futurewei.com>
>> Date: Sat, Jun 11, 2022 at 3:13 AM
>> Subject: [I2nsf] WGLC for draft-ietf-i2nsf-registration-dm-17
>> To: i2nsf@ietf.org <i2nsf@ietf.org>
>> 
>> Hello Working Group,
>> 
>> Many thanks to the authors of draft-ietf-i2nsf-registration-dm-17 for addressing all the comments from the YANG Doctor review, SecDir review and OpsDIR review.
>> 
>> This email starts a three-week Working Group Last Call on draft-ietf-i2nsf-registration-dm-17:
>> 
>> https://datatracker.ietf.org/doc/draft-ietf-i2nsf-registration-interface-dm/
>> 
>> This poll runs until July 1, 2021.
>> 
>> We are also polling for knowledge of any undisclosed IPR that applies to this Document, to ensure that IPR has been disclosed in compliance with IETF IPR rules (see RFCs 3979, 4879, 3669 and 5378 for more details).
>> 
>> If you are listed as an Author or a Contributor of this Document, please respond to this email and indicate whether or not you are aware of any relevant undisclosed IPR. The Document won't progress without answers from all the Authors and Contributors.
>> 
>> If you are not listed as an Author or a Contributor, then please explicitly respond only if you are aware of any IPR that has not yet been disclosed in conformance with IETF rules.
>> 
>> Thank you.
>> 
>> Linda
>> 
>> _______________________________________________
>> I2nsf mailing list
>> I2nsf@ietf.org
>> https://www.ietf.org/mailman/listinfo/i2nsf
>> 
>> --
>> 
>> ===========================
>> Mr. Jaehoon (Paul) Jeong, Ph.D.
>> Associate Professor
>> 
>> Department Head
>> Department of Computer Science and Engineering
>> Sungkyunkwan University
>> Office: +82-31-299-4957
>> Email: pauljeong@skku.edu, jaehoon.paul@gmail.com
>> Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php
>> 
> _______________________________________________
> I2nsf mailing list
> I2nsf@ietf.org
> https://www.ietf.org/mailman/listinfo/i2nsf