Re: [I2nsf] New Version Notification for draft-xia-i2nsf-sec-object-dm-00.txt

"Diego R. Lopez" <diego.r.lopez@telefonica.com> Wed, 11 July 2018 21:44 UTC

From: "Diego R. Lopez" <diego.r.lopez@telefonica.com>
To: "Linqiushi (Jessica, CSPL)" <linqiushi@huawei.com>, "i2nsf@ietf.org" <i2nsf@ietf.org>
CC: "Xialiang (Frank, Network Integration Technology Research Dept)" <frank.xialiang@huawei.com>
Date: Wed, 11 Jul 2018 21:44:33 +0000
Message-ID: <33B62C3E-766D-417A-9D5A-674CD0EB67CE@telefonica.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2nsf/IZW_0aC-YDcLE7x948DJgc6Bn_I>
Subject: Re: [I2nsf] New Version Notification for draft-xia-i2nsf-sec-object-dm-00.txt

Hi,

The proposal sounds in principle reasonable, as a useful artifact to simplify policy expressions. My only concern is whether this could cause some distortion in the capability model: I don’t see any, but I’d like to know the opinion of the other capability model perpetrators (well, Aldo’s and John’s. I guess Frank would be in agreement…)

And I’d propose to include this in the capability data model document.

Be goode,

--
"This time we will not fail, Doctor Infierno"

Dr Diego R. Lopez
Telefonica I+D
https://www.linkedin.com/in/dr2lopez/

e-mail: diego.r.lopez@telefonica.com
Tel:         +34 913 129 041
Mobile:  +34 682 051 091
----------------------------------

On 11/07/2018, 09:32, "I2nsf on behalf of Linqiushi (Jessica, CSPL)" <i2nsf-bounces@ietf.org on behalf of linqiushi@huawei.com> wrote:

Hi all,

As we mentioned in draft-xia-i2nsf-sec-object-dm-00, attribute-based policy rule configuration is repetitive when creating new policy rules, and it is hard to maintain consistency when making modifications.
We propose to introduce the “object” concept in I2NSF policy rules to provide re-usability and simplicity, and to define commonly used policy objects.
Taking the address attribute as an example, an address object and an address group object are defined. The YANG tree structure of the address object is as follows.
grouping addr-objects:
+--rw addr-object* [name]
    +--rw name      address-set-name
    +  ...
    +--rw elements*  [elem-id]
        +--rw elem-id uint16
        +--rw (object-items)
            +--: (ipv4)
            |  ...
            +--: (ipv6)
            |  ...
            +--: (mac)
            |  ...
            +--: (ipv4-range)
            |  ...
            +--: (ipv6-range)
            ...


For other policy objects, please review the draft: https://tools.ietf.org/html/draft-xia-i2nsf-sec-object-dm-00.



We want to solicit comments from I2NSF WG. Would the WG like to adopt “policy object” in I2NSF policy rule? Is an individual draft needed? Or just incorporating it into the existing drafts?

Thanks.


Best Regards,
Qiushi (Jessica) Lin

From: Linqiushi (Jessica, CSPL)
Sent: 2 July 2018 14:49
To: i2nsf@ietf.org
Cc: Xialiang (Frank, Network Integration Technology Research Dept) <frank.xialiang@huawei.com>
Subject: FW: New Version Notification for draft-xia-i2nsf-sec-object-dm-00.txt


Dear all,



We just submitted a new draft on I2NSF policy object data model. Object based rule configuration provides reusability and is widely adopted in NSFs. This document defines several commonly used policy objects, e.g. address object, service object, etc.

Besides, this data model draft is aligned with the previous information model draft. The policy objects are defined as groupings to be reused in different rules.



Your comments and suggestions are warmly welcome.



Best Regards,

Qiushi (Jessica) Lin



-----Original Message-----
From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org]
Sent: 2 July 2018 14:46
To: Linqiushi (Jessica, CSPL) <linqiushi@huawei.com>; Xialiang (Frank, Network Integration Technology Research Dept) <frank.xialiang@huawei.com>; Linqiushi (Jessica, CSPL) <linqiushi@huawei.com>; Xialiang (Frank, Network Integration Technology Research Dept) <frank.xialiang@huawei.com>
Subject: New Version Notification for draft-xia-i2nsf-sec-object-dm-00.txt





A new version of I-D, draft-xia-i2nsf-sec-object-dm-00.txt
has been successfully submitted by Qiushi Lin and posted to the IETF repository.

Name:           draft-xia-i2nsf-sec-object-dm
Revision:       00
Title:          I2NSF Security Policy Object YANG Data Model
Document date:  2018-07-01
Group:          Individual Submission
Pages:          41
URL:            https://www.ietf.org/internet-drafts/draft-xia-i2nsf-sec-object-dm-00.txt
Status:         https://datatracker.ietf.org/doc/draft-xia-i2nsf-sec-object-dm/
Htmlized:       https://tools.ietf.org/html/draft-xia-i2nsf-sec-object-dm-00
Htmlized:       https://datatracker.ietf.org/doc/html/draft-xia-i2nsf-sec-object-dm

Abstract:
   This document describes a set of policy objects which are reusable
   and can be referenced by variable I2NSF policy rules.  And the YANG
   data models of these policy objects are provided.

Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.



The IETF Secretariat
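
An added example, not part of the thread or the draft: a sketch of how rules that reference a named addr-object behave, following the tree quoted above (list keyed by name, elements keyed by a uint16 elem-id, one object-items case per element). The leaves under each case are elided in the tree, so the value formats used here, and the rule fields `src-object`, `service` and `action`, are assumptions made for illustration.

```python
import ipaddress

CASES = ("ipv4", "ipv6", "mac", "ipv4-range", "ipv6-range")  # object-items cases

def check_object(obj):
    """Return the problems found in one addr-object entry (empty list = valid)."""
    problems, seen = [], set()
    for elem in obj["elements"]:
        eid = elem["elem-id"]
        if not 0 <= eid <= 0xFFFF:               # elem-id is uint16
            problems.append(f"elem-id {eid} is not a uint16")
        if eid in seen:                          # elem-id is the list key
            problems.append(f"duplicate elem-id {eid}")
        seen.add(eid)
        if sum(c in elem for c in CASES) != 1:   # a choice holds exactly one case
            problems.append(f"elem {eid}: need exactly one object-items case")
    return problems

def elem_matches(elem, addr):
    """True if addr (IP or MAC string) is covered by one element."""
    try:
        a = ipaddress.ip_address(addr)
    except ValueError:
        a = addr.lower()                         # not an IP: compare as a MAC
    if "mac" in elem:
        return a == elem["mac"].lower()
    if isinstance(a, str):
        return False
    net = elem.get("ipv4") or elem.get("ipv6")   # assumed to hold a prefix string
    if net:
        return a in ipaddress.ip_network(net)
    lo, hi = map(ipaddress.ip_address, elem.get("ipv4-range") or elem["ipv6-range"])
    return a.version == lo.version and lo <= a <= hi

def evaluate(rules, objects, src, service, default="deny"):
    """First match wins; a rule naming a missing object is an error, not a skip."""
    for rule in rules:
        obj = objects[rule["src-object"]]        # KeyError on a dangling reference
        if rule["service"] == service and any(
                elem_matches(e, src) for e in obj["elements"]):
            return rule["action"]
    return default

# Constructed sample data (documentation address ranges, hypothetical rule fields).
OBJECTS = {"branch-offices": {"name": "branch-offices", "elements": [
    {"elem-id": 1, "ipv4": "192.0.2.0/24"},
    {"elem-id": 2, "ipv6": "2001:db8:10::/48"},
    {"elem-id": 3, "ipv4-range": ("198.51.100.10", "198.51.100.20")},
    {"elem-id": 4, "mac": "00:00:5E:00:53:01"}]}}
RULES = [{"name": "web", "src-object": "branch-offices", "service": "http", "action": "permit"},
         {"name": "ssh", "src-object": "branch-offices", "service": "ssh", "action": "permit"}]
```

Adding one element to `branch-offices` changes the outcome of every rule that names it, which is the consistency benefit the proposal describes; the same property means a change to a shared object should be reviewed against all rules that reference it.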


