[I2nsf] 答复: WGLC and IPR poll for draft-ietf-i2nsf-sdn-ipsec-flow-protection-04
"Xialiang (Frank, Network Standard & Patent Dept)" <frank.xialiang@huawei.com> Mon, 13 May 2019 02:00 UTC
Return-Path: <frank.xialiang@huawei.com>
X-Original-To: i2nsf@ietfa.amsl.com
Delivered-To: i2nsf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E30D12012D for <i2nsf@ietfa.amsl.com>; Sun, 12 May 2019 19:00:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WADJXdiKz1_1 for <i2nsf@ietfa.amsl.com>; Sun, 12 May 2019 19:00:09 -0700 (PDT)
Received: from huawei.com (lhrrgout.huawei.com [185.176.76.210]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AAB0112008D for <i2nsf@ietf.org>; Sun, 12 May 2019 19:00:08 -0700 (PDT)
Received: from lhreml707-cah.china.huawei.com (unknown [172.18.7.106]) by Forcepoint Email with ESMTP id 336D332E0D6AA22EF611; Mon, 13 May 2019 03:00:06 +0100 (IST)
Received: from lhreml708-chm.china.huawei.com (10.201.108.57) by lhreml707-cah.china.huawei.com (10.201.108.48) with Microsoft SMTP Server (TLS) id 14.3.408.0; Mon, 13 May 2019 03:00:04 +0100
Received: from lhreml708-chm.china.huawei.com (10.201.108.57) by lhreml708-chm.china.huawei.com (10.201.108.57) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1713.5; Mon, 13 May 2019 03:00:03 +0100
Received: from DGGEMM423-HUB.china.huawei.com (10.1.198.40) by lhreml708-chm.china.huawei.com (10.201.108.57) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256) id 15.1.1713.5 via Frontend Transport; Mon, 13 May 2019 03:00:03 +0100
Received: from DGGEMM531-MBS.china.huawei.com ([169.254.6.202]) by dggemm423-hub.china.huawei.com ([10.1.198.40]) with mapi id 14.03.0439.000; Mon, 13 May 2019 09:59:51 +0800
From: "Xialiang (Frank, Network Standard & Patent Dept)" <frank.xialiang@huawei.com>
To: Gabriel Lopez <gabilm@um.es>, "Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com>
CC: "i2nsf@ietf.org" <i2nsf@ietf.org>, "skku_secu-brain_all@googlegroups.com" <skku_secu-brain_all@googlegroups.com>, Linda Dunbar <linda.dunbar@huawei.com>, Fernando Pereñíguez García <fernando.pereniguez@cud.upct.es>, Yoav Nir <ynir.ietf@gmail.com>, Rafa Marin Lopez <rafa@um.es>, "Diego R. Lopez" <diego.r.lopez@telefonica.com>
Thread-Topic: [I2nsf] WGLC and IPR poll for draft-ietf-i2nsf-sdn-ipsec-flow-protection-04
Thread-Index: AdT1LThqzmgVobBpQv6JyYX9XtHDxAQ/47uAAAWbIQAACUrTAAAYCqCAAD2HIIAAW52k0A==
Date: Mon, 13 May 2019 01:59:50 +0000
Message-ID: <C02846B1344F344EB4FAA6FA7AF481F12CA71ADC@DGGEMM531-MBS.china.huawei.com>
References: <4A95BA014132FF49AE685FAB4B9F17F66B3869DE@sjceml521-mbs.china.huawei.com> <CAPK2DeyWU8gyQd+cEMg3bef-CybJvVRr1eF2br1h-LPAy34=Xw@mail.gmail.com> <40D323E6-AEFD-47AF-9E81-F5B55D7D7E14@um.es> <CAPK2DeyG2zd-8qjYEzKXGDUEj_zW=X6X2qL63Zd159y9VZJmTg@mail.gmail.com> <867C4A23-0335-4B5A-8FB2-430FBF77E990@um.es> <CAPK2DexPHcX6HdNeZE_pBTUeFXw3dOQmV1B=spOJ6EAPOTzuMg@mail.gmail.com>
In-Reply-To: <CAPK2DexPHcX6HdNeZE_pBTUeFXw3dOQmV1B=spOJ6EAPOTzuMg@mail.gmail.com>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.134.159.76]
Content-Type: multipart/related; boundary="_004_C02846B1344F344EB4FAA6FA7AF481F12CA71ADCDGGEMM531MBSchi_"; type="multipart/alternative"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2nsf/jZ7_7h_PgwEcIc_TxLkfyL7HDjw>
Subject: [I2nsf] 答复: WGLC and IPR poll for draft-ietf-i2nsf-sdn-ipsec-flow-protection-04
X-BeenThere: i2nsf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "*I2NSF: Interface to Network Security Functions mailing list*" <i2nsf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2nsf/>
List-Post: <mailto:i2nsf@ietf.org>
List-Help: <mailto:i2nsf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 May 2019 02:00:13 -0000
Hi Gabi, I think the latest update about the wrapping IPSec model in I2NSF-NSF-Facing interface model reflects and addresses the issue raised in last IETF meeting in Prague, see: https://datatracker.ietf.org/meeting/104/materials/slides-104-i2nsf-model-convergence-proposal-00 In summary, it tries to keep the I2NSF capability data model as the basic and only one entry point for all the specific capability model (i.e., IPSec, IDS, etc.) consistently, while ensure independent configuration model for each specific model. We think this is a good proposal and are addressing it. B.R. Frank 夏靓 (Frank Xia) IP安全标准专家 - 数据通信标准专利部 华为技术有限公司 Tel : +86 25 56624539 / 139138 40549 Email : frank.xialiang@huawei.com [cid:image001.png@01D50972.8E28D4E0] This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it! 发件人: I2nsf [mailto:i2nsf-bounces@ietf.org] 代表 Mr. Jaehoon Paul Jeong 发送时间: 2019年5月11日 21:59 收件人: Gabriel Lopez <gabilm@um.es> 抄送: i2nsf@ietf.org; skku_secu-brain_all@googlegroups.com; Linda Dunbar <linda.dunbar@huawei.com>; Fernando Pereñíguez García <fernando.pereniguez@cud.upct.es>; Yoav Nir <ynir.ietf@gmail.com>; Rafa Marin Lopez <rafa@um.es>; Mr. Jaehoon Paul Jeong <jaehoon.paul@gmail.com> 主题: Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2nsf-sdn-ipsec-flow-protection-04 Hi Gabriel, Yes, I think the current ipsec-ietf-ike and ipsec-ietf-ikeless without change will be fine to our I2NSF interfaces after I discuss with my student, Jinyong. Our Registration Interface with capability data model will register into Security Controller whether an NSF can support ipsec or not, and also in the case of the support of ipsec whether an NSF can support ike or ikeless. The NSF-Facing will do the same thing for an NSF rather than the actual configuration of ipsec stuff. I assume that the detailed ipsec configuration will be done by your ipsec modules. Thanks. Best Regards, Paul On Fri, May 10, 2019 at 5:37 PM Gabriel Lopez <gabilm@um.es<mailto:gabilm@um.es>> wrote: Hi Paul. The ipsec-ietf-ike and ipsec-ietf-ikeless modules are standalone modules that can be used in the facing interface. We do not understand why do you need to include them in the nsf-facing interface data model. The idea of having a data model with all the security services a nfs can support is not practical and can turns into a huge complex model. Do you have in mind to include also configuration groupings for TLS, SSH, IDS, ACLs, etc.? Best regards, Gabi. El 9 may 2019, a las 23:09, Mr. Jaehoon Paul Jeong <jaehoon.paul@gmail.com<mailto:jaehoon.paul@gmail.com>> escribió: Hi Gabriel, we need to make ipsec-ike and ipsec-ikeless be grouping type so that your ipsec module can be imported by our data modules for two ipsec cases. The container type cannot be imported by other data modules. Thanks. Best Regards, Paul 2019년 5월 10일 (금) 오전 1:43, Gabriel Lopez <gabilm@um.es<mailto:gabilm@um.es>>님이 작성: Hi Paul. Could you explain what is the purpose of this change? Best regards, Gabi. El 9 may 2019, a las 16:02, Mr. Jaehoon Paul Jeong <jaehoon.paul@gmail.com<mailto:jaehoon.paul@gmail.com>> escribió: Hi Authors: Rafa, Gabriel, and Fernando, I have a request to let your authors revise i2nsf ipsec draft (draft-ietf-i2nsf-sdn-ipsec-flow-protection-04) in order to conform to our i2nsf interface data models. For your YANG data module to be used in our NSF-Facing Interface data model through import, your YANG data module needs some modification as follows. ########### Original Code ############# container ikev2 { ..... } container ietf-ipsec { .... } ########### Modified Code ############# grouping ipsec-ike { ... } grouping ipsec-ikeless { ... } container ikev2 { description "Configure the IKEv2 software"; uses ipsec-ike; } container ietf-ipsec { description "IPsec configuration"; uses ipsec-ikeless; } With your modification, my SKKU team will modify our YANG data models to accommodate your ipsec data model. If you have any questions, please let me know. Thank you. Best Regards, Paul On Wed, Apr 17, 2019 at 11:54 PM Linda Dunbar <linda.dunbar@huawei.com<mailto:linda.dunbar@huawei.com>> wrote: Hello Working Group, This email starts a four weeks Working Group Last Call on draft-ietf-i2nsf-sdn-ipsec-flow-protection-04. This poll runs until May 15, 2019. Authors: please update the draft per the comments and suggestions from YANG Doctors. We are also polling for knowledge of any undisclosed IPR that applies to this Document, to ensure that IPR has been disclosed in compliance with IETF IPR rules (see RFCs 3979, 4879, 3669 and 5378 for more details). If you are listed as an Author or a Contributor of this Document please respond to this email and indicate whether or not you are aware of any relevant undisclosed IPR. The Document won't progress without answers from all the Authors and Contributors. If you are not listed as an Author or a Contributor, then please explicitly respond only if you are aware of any IPR that has not yet been disclosed in conformance with IETF rules. Thank you. Yoav & Linda _______________________________________________ I2nsf mailing list I2nsf@ietf.org<mailto:I2nsf@ietf.org> https://www.ietf.org/mailman/listinfo/i2nsf -- =========================== Mr. Jaehoon (Paul) Jeong, Ph.D. Associate Professor Department of Software Sungkyunkwan University Office: +82-31-299-4957 Email: jaehoon.paul@gmail.com<mailto:jaehoon.paul@gmail.com>, pauljeong@skku.edu<mailto:pauljeong@skku.edu> Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php<http://cpslab.skku.edu/people-jaehoon-jeong.php> ----------------------------------------------------------- Gabriel López Millán Departamento de Ingeniería de la Información y las Comunicaciones University of Murcia Spain Tel: +34 868888504 Fax: +34 868884151 email: gabilm@um.es<mailto:gabilm@um.es> ----------------------------------------------------------- Gabriel López Millán Departamento de Ingeniería de la Información y las Comunicaciones University of Murcia Spain Tel: +34 868888504 Fax: +34 868884151 email: gabilm@um.es<mailto:gabilm@um.es> -- =========================== Mr. Jaehoon (Paul) Jeong, Ph.D. Associate Professor Department of Software Sungkyunkwan University Office: +82-31-299-4957 Email: jaehoon.paul@gmail.com<mailto:jaehoon.paul@gmail.com>, pauljeong@skku.edu<mailto:pauljeong@skku.edu> Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php<http://cpslab.skku.edu/people-jaehoon-jeong.php>
- [I2nsf] WGLC and IPR poll for draft-ietf-i2nsf-sd… Linda Dunbar
- Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2ns… Rafa Marin-Lopez
- Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2ns… Gabriel Lopez
- Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2ns… Fernando Pereñíguez García
- Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2ns… Paul Wouters
- Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2ns… Mr. Jaehoon Paul Jeong
- Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2ns… Gabriel Lopez
- Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2ns… Mr. Jaehoon Paul Jeong
- Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2ns… Gabriel Lopez
- Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2ns… Mr. Jaehoon Paul Jeong
- [I2nsf] 答复: WGLC and IPR poll for draft-ietf-i2ns… Xialiang (Frank, Network Standard & Patent Dept)
- Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2ns… Linda Dunbar
- Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2ns… Linda Dunbar
- Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2ns… Mr. Jaehoon Paul Jeong
- Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2ns… Gabriel Lopez
- Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2ns… Rafa Marin-Lopez
- Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2ns… Linda Dunbar
- Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2ns… Linda Dunbar
- Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2ns… Rafa Marin-Lopez
- Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2ns… Rafa Marin Lopez
- Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2ns… Rafa Marin-Lopez
- Re: [I2nsf] [IPsec] WGLC and IPR poll for draft-i… Paul Wouters
- Re: [I2nsf] [IPsec] WGLC and IPR poll for draft-i… Rafa Marin Lopez
- Re: [I2nsf] [IPsec] WGLC and IPR poll for draft-i… Paul Wouters
- Re: [I2nsf] [IPsec] WGLC and IPR poll for draft-i… Tero Kivinen
- Re: [I2nsf] [IPsec] WGLC and IPR poll for draft-i… Paul Wouters
- Re: [I2nsf] [IPsec] WGLC and IPR poll for draft-i… Rafa Marin-Lopez
- Re: [I2nsf] [IPsec] WGLC and IPR poll for draft-i… Rafa Marin-Lopez
- Re: [I2nsf] [IPsec] WGLC and IPR poll for draft-i… Tero Kivinen
- Re: [I2nsf] [IPsec] WGLC and IPR poll for draft-i… Rafa Marin-Lopez