[I2nsf] [i2nsf] Side meeting minutes for IETF 106 in Singapore
"Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com> Sat, 21 December 2019 08:40 UTC
Return-Path: <jaehoon.paul@gmail.com>
X-Original-To: i2nsf@ietfa.amsl.com
Delivered-To: i2nsf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4B419120A2E for <i2nsf@ietfa.amsl.com>; Sat, 21 Dec 2019 00:40:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.088
X-Spam-Level:
X-Spam-Status: No, score=-0.088 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_HK_NAME_FM_MR_MRS=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dZknK0378Gi7 for <i2nsf@ietfa.amsl.com>; Sat, 21 Dec 2019 00:40:01 -0800 (PST)
Received: from mail-wr1-x42d.google.com (mail-wr1-x42d.google.com [IPv6:2a00:1450:4864:20::42d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 65950120A2C for <i2nsf@ietf.org>; Sat, 21 Dec 2019 00:40:01 -0800 (PST)
Received: by mail-wr1-x42d.google.com with SMTP id c9so11594884wrw.8 for <i2nsf@ietf.org>; Sat, 21 Dec 2019 00:40:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to:cc; bh=K/u467qWIPmtAKER4bwzGAS0KnSR9ZUgbv71qDomo8g=; b=M5RDyRuhcbwRg3uOlexOhzXc0CZQGGrUDcFzJk2+NCcju/SeN6jIw/xy7/Js89HrBg TR1WrScg+5+0MUS5in+5K3V+sAYdYMVHc3DMuJU2gqEcRQrRr+PsknU9zQ4R/P/1czxA DPL3VX9uJg+sIOm8yEDdeR8WIe/acpPHsFczc/G4xsOU+10jfzWP580X4QKyutQOV5jJ dHDpqwxcV5qyaqY07VDrjspsxOLzv7yzqxUuozU4NugeFxWwRVo2G5Gglu2wl7E+U34Y GehB/xgWR75DKukEFIHjLCJ/avfABZN8CCXxmDYZ/w4HPozGcXYJkOFygPbDZmkDNRCp FuSQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=K/u467qWIPmtAKER4bwzGAS0KnSR9ZUgbv71qDomo8g=; b=I/HkhValBUbCt9wZ59lPwKbLFkXkgczzBs+ShAR34bIFRlwTfhwMxN8v1Q4DzdD4kZ 9xWYwH+WkeI4VIeJLxdz71WerhhiZ2/ULqBr6+ikYaGtKywg8k34v6nMI52FqmSdCRWq iZyH1e9wF20oOsXxOz/zVVWgAmqSXnF08apIiAFEvyNYG265JKI69fhTxMKo51AkFNv9 4/MJcLZYS2KZEs68VRj888xA/fj8Ya/TFxdTsPYx4QY5sv7pmOn2ZVRDcZMxax4GdN7C niATOD3jNNNjUkgHA+nTw6c1rQKQpL4vvl/ES6l359CDwLJ8s+9jLb7xVsyTfJHYhgRr pXZQ==
X-Gm-Message-State: APjAAAU0AGiXqix/xgBC9yNbjeWQBDwQmAocpvcA4DKlX9+fKksHAwwr D2YEVMpIpPaZMSufIWejx+HQ9ltlFjhFvl4iZnEgx/6VL3k=
X-Google-Smtp-Source: APXvYqxnNGwmy2OeurL94d4mcjqEW+1Nb5a7xrUxSdAzWVOuzf3YHOLsWeyFUCUXWQ9A7CeqVXLgLVSJ1R0jTcr7vqw=
X-Received: by 2002:adf:90e1:: with SMTP id i88mr18707952wri.95.1576917599346; Sat, 21 Dec 2019 00:39:59 -0800 (PST)
MIME-Version: 1.0
From: "Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com>
Date: Sat, 21 Dec 2019 17:39:23 +0900
Message-ID: <CAPK2Dex9JY6TdwjDixKW184zgxBwy1H4Yvo-JNbOgqrA+VtTpg@mail.gmail.com>
To: "i2nsf@ietf.org" <i2nsf@ietf.org>
Cc: Roman Danyliw <rdd@cert.org>, skku-iotlab-members <skku-iotlab-members@googlegroups.com>, "Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com>
Content-Type: multipart/mixed; boundary="000000000000597e8f059a32bd4a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2nsf/PxAg1e9kdGSxKvHMdu5Bl-xAWaw>
Subject: [I2nsf] [i2nsf] Side meeting minutes for IETF 106 in Singapore
X-BeenThere: i2nsf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "*I2NSF: Interface to Network Security Functions mailing list*" <i2nsf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2nsf/>
List-Post: <mailto:i2nsf@ietf.org>
List-Help: <mailto:i2nsf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 21 Dec 2019 08:40:04 -0000
Hi I2NSF WG,
Here is the side meeting minutes for IETF 106 in Singapore.
I sincerely appreciate the participants' contributions in the side meeting.
Thank Yiwen Chris Shen for his notetaking for his minutes.
Best Regards,
Paul
------------------------------------------------
<I2NSF Side Meeting Minutes>
* Date & Time: 11/21/2019, 5:00PM to 6:00PM
* Place: Bras Basah in Raffles City Convention Center
* Agenda
- I2NSF Hackathon Project Report (Jaehoon Paul Jeong, 5 min)
- I2NSF Data Model Drafts Update (Jaehoon Paul Jeong, 10 min)
. I2NSF Capability YANG Data Model
. I2NSF Consumer-Facing Interface YANG Data Model
. I2NSF Network Security Function-Facing Interface YANG Data Model
. I2NSF Registration Interface YANG Data Model
. I2NSF NSF Monitoring YANG Data Model
- Security Policy Translator Draft Update (Chaehong Chung, 5 min)
- Open Discussion: Possible Work Items for I2NSF Rechartering (30 min)
1. YANG data model of the interface between I2NSF Security Controller and
SDN Switch Controller
2. YANG data model of the interface between I2NSF Security Controller and
SFC Classifier
3. Configuration of Advanced Security Functions with I2NSF Security
Controller
4. Policy Object for Interface to Network Security Functions (I2NSF)
* Participants (15 people)
Roman Danyliw (AD), Linda Dunbar (WG Chair), Diego Lopez (Telefonica),
Liang Frank Xia (Huawei),
Jie Yang (Huawei), Hyojoon Han (DGU), Yongjoon Joe (LSware), Duke Moon
(Hansol), Jungsoo Park (ETRI),
Jerome Francois (Inria), Laurent Ciavalia (Nokia), Qin Wu (Huawei),
Chaehong Chung (SKKU),
Yiwen Chris Shen (SKKU), Jaehoon Paul Jeong (SKKU)
* Side Meeting Facilitator: Jaehoon Paul Jeong
* Notetaker: Yiwen Chris Shen
-----
* I2NSF NSF Monitoring YANG Data Model
Diego: Is this data model the reporting model or control model?
Paul: This is a reporting model.
-----
* Security Policy Translator Draft Update
Chaehong: Introduced security policy translator and in detail talked about
mapping information comments.
As the next step, we will reflect YANG doctors' reviews of the
consumer-facing interface.
Diego: We can't standardize the way we do things for the security policy
translator.
I vote not to standardize this security policy translator because
this is a process rather than an architecture.
Laurent: You can put your document in a general way, and make the
specific process as an example.
Diego: This is important, but we cannot standardize it.
A reporting tool can be standardized, if you generalize this process
in the general way.
IETF won't standardize this.
Qin: There are some overlaps between this translator and nmrg work.
If we can have a generalized framework, the framework can be
standardized.
Paul: I will try to generalize this translator, so I may need your help to
come up with some general framework.
-----
* Open Discussion: Possible Work Items for I2NSF Rechartering
Paul: Suggested other work items.
1. YANG data model of the interface between I2NSF Security Controller and
SDN Switch Controller
2. YANG data model of the interface between I2NSF Security Controller and
SFC Classifier
3. Configuration of Advanced Security Functions with I2NSF Security
Controller
4. Policy Object for Interface to Network Security Functions (I2NSF)
Diego: There are no differences between the two NSF-facing interfaces.
This is another way you call it.
Paul: They use different ways.
Laurent: What exactly do you try to touch?
What are you trying to configure a switch controller.
Diego: Why do you want to do this?
Paul: Switch can filter packets.
Diego: The packet filtering is already separated.
Paul: My goal is to give an easy way to control a switch controller.
Diego: Implementation point of view, the upper and lower parts are the same.
Laurent: You can touch different functions from it.
Paul: SFC has necessity to define an interface between the security
controller and SFC classifier
to specify the service function path for a security policy for a
traffic flow.
Paul: The name of the NSF-facing interface may not correct, the thing here
is how to configure.
Laurent: This is deployment issue.
Laurent: Who consumes the function is not your job.
Paul: You are right. But my purpose is for easily configuring the switch.
Laurent: We abstract the SFs here.
Paul: We need more discussion.
-----
Paul: As next possible work items, the first is the configuration of
advanced security functions
with I2NSF security controller, and the second is security policy
objects for I2NSF, which
are useful to construct a security policy and manage it.
-----
Paul: we need to move the YANG data models forward.
Roman: I prefer trying one document first.
If we try to WGLC all related documents, we may face all the same
issues.
Paul: I believe we can do WGLC for the 3 drafts, at least the capability
data model draft.
Diego: The later two work items make sense.
Linda: Why is it not ready? It is almost ready.
Paul: I sent an email to the YANG doctor, but there is not any reply from
the YANG doctor.
-----
Paul: If the later two work items (such as advanced security functions and
security policy object) can be
accepted by the WG people, we can work on the two work items after
revising our charter.
Frank: If the AD and chairs think they are valuable work, we can continue.
Paul: Security policy translator needs more discussion for a general
framework.
Linda: We need to see energy to continue the work.
-----
END
--
===========================
Mr. Jaehoon (Paul) Jeong, Ph.D.
Associate Professor
Department of Software
Sungkyunkwan University
Office: +82-31-299-4957
Email: jaehoon.paul@gmail.com, pauljeong@skku.edu
Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php
<http://cpslab.skku.edu/people-jaehoon-jeong.php>
- [I2nsf] [i2nsf] Side meeting minutes for IETF 106… Mr. Jaehoon Paul Jeong