Re: [I2nsf] WGLC for draft-ietf-i2nsf-registration-dm-17
"Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com> Thu, 08 September 2022 11:06 UTC
From: "Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com>
Date: Thu, 08 Sep 2022 20:05:25 +0900
Message-ID: <CAPK2DezvskOtdZLGPD_3GiS2CNai+tS_72XG6JJvuuRjOpeicA@mail.gmail.com>
To: Qin Wu <bill.wu@huawei.com>, Linda Dunbar <linda.dunbar@futurewei.com>
Cc: "i2nsf@ietf.org" <i2nsf@ietf.org>, Roman Danyliw <rdd@cert.org>, Patrick Lingga <patricklink888@gmail.com>, skku-iotlab-members <skku-iotlab-members@googlegroups.com>, "Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2nsf/ro3jkFT2tWD0ZJ8ZlfPGd0Bct6Y>
Subject: Re: [I2nsf] WGLC for draft-ietf-i2nsf-registration-dm-17
Hi Qin,

Here is the revision of the I2NSF Registration Interface Draft with your comments:
https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-registration-interface-dm-21

Patrick and I have reflected all your comments on the revision, especially the augmentation of I2NSF Capability for I2NSF Registration Interface.

I attach the revision letter for your convenience.

Thanks for your valuable comments.

Linda,
I believe that this Registration Interface YANG Data Model Draft is ready for the submission to the IESG.

Best Regards,
Paul

On Mon, Sep 5, 2022 at 3:59 PM Qin Wu <bill.wu@huawei.com> wrote:

> Hi, Paul:
>
> Thanks for the update, I am still struggling about the relation between
> capability model and registration interface model.
>
> First, the registration interface model imports ietf-i2nsf-capability and
> reuses some grouping defined in ietf-i2nsf-capability, this is not
> augmented model from ietf-i2nsf-capability. It is a new model which uses
> some building block in some other existing models.
>
> Augmented model should augment from ietf-i2nsf-capability with additional
> data nodes, e.g., here is IPv4 unicast routing management model which is
> augmented from ietf-routing
>
>     augment "/rt:routing-state/rt:ribs/rt:rib/rt:routes/rt:route" {
>       when "derived-from-or-self(../../rt:address-family, "
>          + "'v4ur:ipv4-unicast')" {
>         description
>           "This augment is valid only for IPv4 unicast.";
>       }
>
> This gives you a sense of what an augmented model looks like.
>
> Second, can ietf-i2nsf-capability module be used independent from
> ietf-i2nsf-registration-interface module? Is ietf-i2nsf-capability used in
> the same registration interface as ietf-i2nsf-registration-interface module?
>
> Third: I re-read section 4 of draft-ietf-i2nsf-registration-interface-dm,
> it said:
>
> “
>    The I2NSF registration interface is used by Security Controller and
>    Developer's Management System (DMS) in I2NSF framework. The
>    following summarizes the operations done through the registration
>    interface:
>
>    1) DMS registers NSFs and their capabilities to Security Controller
>       via the registration interface. DMS also uses the registration
>       interface to update the capabilities of the NSFs registered
>       previously.
>
>    2) In case that Security Controller fails to find some required
>       capabilities from any registered NSF that can provide, Security
>       Controller queries DMS about NSF(s) having the required
>       capabilities via the registration interface.
> ”
>
> I feel this registration interface is designed only for administrators to
> register NSF capability. In case that Security Controller fails to find
> some required capabilities from any registered NSF that can provide, it can
> also auto detect required capabilities by itself from NSF, therefore simply
> define query RPC to query capabilities from DMS seems not sufficient,
> unless you explicitly rule this auto detection out from this document.
>
> -Qin
>
> *From:* Mr. Jaehoon Paul Jeong [mailto:jaehoon.paul@gmail.com]
> *Sent:* August 31, 2022 19:14
> *To:* Qin Wu <bill.wu@huawei.com>
> *Cc:* i2nsf@ietf.org; Roman Danyliw <rdd@cert.org>; Linda Dunbar
> <linda.dunbar@futurewei.com>; Patrick Lingga <patricklink888@gmail.com>;
> skku-iotlab-members <skku-iotlab-members@googlegroups.com>; Mr. Jaehoon
> Paul Jeong <jaehoon.paul@gmail.com>
> *Subject:* Re: [I2nsf] WGLC for draft-ietf-i2nsf-registration-dm-17
>
> Hi Qin,
>
> Here is the revision reflecting your detailed comments on the I2NSF
> Registration Interface:
>
> https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-registration-interface-dm-20
>
> Patrick and I have revised this draft along with the attached revision
> letter.
>
> Could you confirm whether this revision looks good to you or not?
>
> Thanks.
>
> Best Regards,
> Paul
>
> On Wed, Aug 24, 2022 at 6:42 PM Qin Wu <bill.wu@huawei.com> wrote:
>
> Hi, Paul:
>
> Thank you for inviting me to review this draft.
>
> I am a little confused about the relation of this draft with
> draft-ietf-i2nsf-capability-data-model
>
> See quoted text in draft-ietf-i2nsf-capability-data-model
>
> “
>    This document provides an information model and the corresponding
>    YANG data model [RFC6020][RFC7950] that defines the capabilities of
>    NSFs to centrally manage the capabilities of those NSFs. The NSFs
>    can register their own capabilities into a Network Operator
>    Management (Mgmt) System (i.e., Security Controller) with this YANG
>    data model through the registration interface [RFC8329].
> ”
>
> And quoted text in draft-ietf-i2nsf-registration-dm
>
> “
>    This document describes an information model (see Section 4) and a
>    YANG [RFC7950] data model (see Section 5) for the I2NSF Registration
>    Interface [RFC8329] between the security controller and the
>    developer's management system (DMS) to support NSF capability
>    registration and query via the registration interface.
> ”
>
> I am wondering which YANG data model is exchanged in the registration
> interface.
>
> Shouldn’t YANG data model defined in draft-ietf-i2nsf-registration-dm
> augment the YANG model defined in draft-ietf-i2nsf-capability-data-model.
>
> In addition, I think registration interface seems not mandatory interface,
> security controller in some other case can learn capability NFV
> orchestrators, or NSF can expose dynamic capability to security controller.
>
> Besides register NSF, I am wondering what other data or information can be
> registered? I assume there are a lot.
>
> Therefore I would suggest to limit the scope of this registration
> interface, only focus NSF capability registration.
>
> The title should reflect this.
>
> *For data model and information model definition, I think you should refer
> to RFC3444.*
>
> For NSF access information, I am wondering whether management protocol
> should also be part of access information.
>
> Regarding performance capability, I assume it is related to software or
> hardware, or firmware specification, naming it as performance capability
> seems confusing to me.
>
> -Qin
>
> ---------- Forwarded message ----------
> From: *Linda Dunbar* <linda.dunbar@futurewei.com>
> Date: June 11, 2022 (Sat) 3:13 AM
> Subject: [I2nsf] WGLC for draft-ietf-i2nsf-registration-dm-17
> To: i2nsf@ietf.org <i2nsf@ietf.org>
>
> Hello Working Group,
>
> Many thanks to the authors of draft-ietf-i2nsf-registration-dm-17 to
> address all the comments from YANG Doctor review, SecDir review and OpsDIR
> review.
>
> This email starts a three weeks Working Group Last Call
> on draft-ietf-i2nsf-registration-dm-17
>
> https://datatracker.ietf.org/doc/draft-ietf-i2nsf-registration-interface-dm/
>
> This poll runs until July 1, 2021.
>
> We are also polling for knowledge of any undisclosed IPR that applies to
> this Document, to ensure that IPR has been disclosed in compliance with
> IETF IPR rules (see RFCs 3979, 4879, 3669 and 5378 for more details).
>
> If you are listed as an Author or a Contributor of this Document, please
> respond to this email and indicate whether or not you are aware of any
> relevant undisclosed IPR. The Document won't progress without answers from
> all the Authors and Contributors.
>
> If you are not listed as an Author or a Contributor, then please
> explicitly respond only if you are aware of any IPR that has not yet been
> disclosed in conformance with IETF rules.
>
> Thank you.
>
> Linda
>
> _______________________________________________
> I2nsf mailing list
> I2nsf@ietf.org
> https://www.ietf.org/mailman/listinfo/i2nsf
>
> --
> ===========================
> Mr. Jaehoon (Paul) Jeong, Ph.D.
> Associate Professor
> Department Head
> Department of Computer Science and Engineering
> Sungkyunkwan University
> Office: +82-31-299-4957
> Email: pauljeong@skku.edu, jaehoon.paul@gmail.com
> Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php
> <http://cpslab.skku.edu/people-jaehoon-jeong.php>
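
The thread above turns on the difference between a module that imports another module and reuses its groupings, and a module that augments it. The sketch below is an added illustration, not part of the thread and not taken from either I2NSF draft; every module name, namespace, prefix and node in it is hypothetical, and in practice each module would live in its own file.

```yang
// Constructed base module standing in for a capability model.
module example-capability {
  yang-version 1.1;
  namespace "urn:example:capability";
  prefix excap;

  grouping nsf-capabilities {
    leaf-list capability { type string; }
  }
  list nsf {
    key "nsf-name";
    leaf nsf-name { type string; }
    uses nsf-capabilities;
  }
}

// Pattern 1: import + uses. This defines a new, separate data tree
// that only borrows the grouping as a building block; the base
// module's /excap:nsf list is left untouched.
module example-registration-uses {
  yang-version 1.1;
  namespace "urn:example:registration-uses";
  prefix exru;
  import example-capability { prefix excap; }

  container nsf-registrations {
    list nsf-registration {
      key "nsf-name";
      leaf nsf-name { type string; }
      container nsf-capability-info { uses excap:nsf-capabilities; }
      leaf management-address { type string; }
    }
  }
}

// Pattern 2: augment. This adds a node to the base module's existing
// /excap:nsf list; no second tree is created.
module example-registration-augment {
  yang-version 1.1;
  namespace "urn:example:registration-augment";
  prefix exra;
  import example-capability { prefix excap; }

  augment "/excap:nsf" {
    leaf management-address { type string; }
  }
}
```

With pattern 1 a client reads and writes registrations under /exru:nsf-registrations, independently of any data under /excap:nsf; with pattern 2 the added leaf appears inside each /excap:nsf entry, so the two models share one instance tree.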