Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2nsf-sdn-ipsec-flow-protection-04

"Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com> Sat, 18 May 2019 05:06 UTC

Return-Path: <jaehoon.paul@gmail.com>
X-Original-To: i2nsf@ietfa.amsl.com
Delivered-To: i2nsf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9974712002F for <i2nsf@ietfa.amsl.com>; Fri, 17 May 2019 22:06:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.988
X-Spam-Level:
X-Spam-Status: No, score=-1.988 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_HK_NAME_FM_MR_MRS=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hDHtUyIMI8Hr for <i2nsf@ietfa.amsl.com>; Fri, 17 May 2019 22:06:57 -0700 (PDT)
Received: from mail-wm1-x333.google.com (mail-wm1-x333.google.com [IPv6:2a00:1450:4864:20::333]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 912F912014E for <i2nsf@ietf.org>; Fri, 17 May 2019 22:06:56 -0700 (PDT)
Received: by mail-wm1-x333.google.com with SMTP id c77so7148731wmd.1 for <i2nsf@ietf.org>; Fri, 17 May 2019 22:06:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Z/c2cbeLRWr3Llm7Id7N8wHE6S8VfBnw3Zdh5ZKa5XE=; b=TcdIiqau85PsfWG/eI9UU27KIludXwLvOiKOPSomygMXpAU626y4wqY/MRKU3DfWuU DFUSSvJ/GxjARjNIOc8JHB6kKHF43cCUOoWpWjiXEhQJhYtdKS8epNcVqwza0t5T+PPr nlta2GN79fv37Soun1xl2Bd/beJnwVKrtt0fs0cD3gYJOx90pecQMAIeBazOogPvuV0g jq5w3LXBiNAGbxZfa/ctf1D9eRra7tICWRZZcXjtM4Cj7459e9q8yX5Bgw9CrfpTcaRJ UV6618FFvN6EPQdBtm+ttuRFfwfMyYKCPAcNK5jFySplpsML0RiP+cyNdGWt5mkuUtvE hsOQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Z/c2cbeLRWr3Llm7Id7N8wHE6S8VfBnw3Zdh5ZKa5XE=; b=P8jRmz7zpc0dRyrtm3uJsszYhqhPUZ7xAxlvzRRUC5P/ZgGYAUTlkLOVDHOpFsCT5k fI94J8zYMcvO86/DJnm5Iu7DX1xnd+sat+dMBO5BYbvwXBKrHbFvrlGiYylLx1MaWNh3 gR16kqiE7Jv0fWgVufuxs4kwwssz/bnIHlFTPERifwV4sDB5wthTzUKfo8TkDzCCYt2H HBWlPeSNY7wRCSfU9DQyyfRxS7nu3BoOPjhOgTeoKANHWyMFa/lRnVo7FCngKN71/0OV JKkiOunnbg9e0fg7bcXS6PyfDQsGaBLqT7L8nHHnaR2A90SK+2JMI0O5Kasv0Lt4bvuk X8Vg==
X-Gm-Message-State: APjAAAU8gl0VlGFBa6hMXkdhLKLBVd4h1aY44P3JkNMswNpeHSbg3K9Q f2BxEvAJrAG/VdhXUon/ACpaskCF1CZS/w8YqG0=
X-Google-Smtp-Source: APXvYqyrtJpbLydCF0HoNXOHgzGaT2koWn4zi7WUyYSXNSvfTJmpgXeEp3nZS9Q9iEAUZKj5VnFtb6zcYc4eecS+eps=
X-Received: by 2002:a1c:9e8e:: with SMTP id h136mr11786919wme.29.1558156014804; Fri, 17 May 2019 22:06:54 -0700 (PDT)
MIME-Version: 1.0
References: <4A95BA014132FF49AE685FAB4B9F17F66B3869DE@sjceml521-mbs.china.huawei.com> <CAPK2DeyWU8gyQd+cEMg3bef-CybJvVRr1eF2br1h-LPAy34=Xw@mail.gmail.com> <4A95BA014132FF49AE685FAB4B9F17F66B3DCF04@sjceml521-mbs.china.huawei.com>
In-Reply-To: <4A95BA014132FF49AE685FAB4B9F17F66B3DCF04@sjceml521-mbs.china.huawei.com>
From: "Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com>
Date: Sat, 18 May 2019 14:11:19 +0900
Message-ID: <CAPK2DezV6eE4-ooDC_RHNxSqK+NpX3R0uckUv7B8et=Ui5fyjw@mail.gmail.com>
To: Linda Dunbar <linda.dunbar@huawei.com>
Cc: "rafa@um.es" <rafa@um.es>, Gabriel Lopez <gabilm@um.es>, "fernando.pereniguez@cud.upct.es" <fernando.pereniguez@cud.upct.es>, Yoav Nir <ynir.ietf@gmail.com>, "i2nsf@ietf.org" <i2nsf@ietf.org>, "skku_secu-brain_all@googlegroups.com" <skku_secu-brain_all@googlegroups.com>, "Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com>
Content-Type: multipart/alternative; boundary="000000000000c464580589227787"
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2nsf/vGruPR-BGRf6KTPk5pB2DJ0EIrw>
Subject: Re: [I2nsf] WGLC and IPR poll for draft-ietf-i2nsf-sdn-ipsec-flow-protection-04
X-BeenThere: i2nsf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "*I2NSF: Interface to Network Security Functions mailing list*" <i2nsf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2nsf/>
List-Post: <mailto:i2nsf@ietf.org>
List-Help: <mailto:i2nsf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 18 May 2019 05:07:00 -0000

Hi Linda,
For your first question,
it seems like Gabriel does not like to modify their code to let NSF-Facing
Interface data module import ikev2 and ietf-ipsec (i.e., ike-less)
according to IETF YANG conventions such as TLS, SSH, IDS, and ACL.
In our data models, we will specify whether an NSF supports an IPsec
configuration mechanism (IKEv2 or IKEless),
or does not support any IPsec configuration mechanism.
That is, our data models assume that the actual IPsec configuration will be
handled by Rafa's IPsec module through NETCONF, and
our I2NSF interfaces will do nothing related to the IPsec configuration.

For your second question,
"ietf-ipsec" is the same as "ipsec-ikeless".

Thanks.

Best Regards,
Paul

On Sat, May 18, 2019 at 6:28 AM Linda Dunbar <linda.dunbar@huawei.com>
wrote:

> Paul,
>
>
>
> If you simply want to import the “ikev2” and “ietf-ipsec” to  NSF-Facing
> Interface data model,  can the new code be the following?
>
>
>
>
>
> ########### Modified Code #############
>
>
>
> grouping ikev2 {
>
>    ...
>
> }
>
>
>
> grouping ietf-ipsec {
>
>    ...
>
> }
>
> ########
>
>
>
>
>
> By the way “ietf-ipsec” is not same as  “ipsec-ikeless”, is it?
>
>
>
>
>
> Linda
>
>
>
> *From:* Mr. Jaehoon Paul Jeong [mailto:jaehoon.paul@gmail.com]
> *Sent:* Thursday, May 09, 2019 9:02 AM
> *To:* rafa@um.es; Gabriel Lopez <gabilm@um.es>;
> fernando.pereniguez@cud.upct.es
> *Cc:* Linda Dunbar <linda.dunbar@huawei.com>; Yoav Nir <
> ynir.ietf@gmail.com>; i2nsf@ietf.org; skku_secu-brain_all@googlegroups.com;
> Mr. Jaehoon Paul Jeong <jaehoon.paul@gmail.com>
> *Subject:* Re: [I2nsf] WGLC and IPR poll for
> draft-ietf-i2nsf-sdn-ipsec-flow-protection-04
>
>
>
> Hi Authors: Rafa, Gabriel, and Fernando,
>
>
>
> I have a request to let your authors revise i2nsf ipsec draft
>
> (draft-ietf-i2nsf-sdn-ipsec-flow-protection-04)
>
> in order to conform to our i2nsf interface data models.
>
> For your YANG data module to be used in our NSF-Facing Interface data
> model through import,
>
> your YANG data module needs some modification as follows.
>
>
>
> ########### Original Code #############
>
> container ikev2 {
>
>    ....
>
> }
>
>
>
> container ietf-ipsec {
>
>    ....
>
> }
>
>
>
> ########### Modified Code #############
>
>
>
> grouping ipsec-ike {
>
>    ...
>
> }
>
>
>
> grouping ipsec-ikeless {
>
>    ...
>
> }
>
>
>
> container ikev2 {
>
>  description "Configure the IKEv2 software";
>
>  uses ipsec-ike;
>
> }
>
>
>
> container ietf-ipsec {
>
>  description "IPsec configuration";
>
>  uses ipsec-ikeless;
>
> }
>
>
>
> With your modification, my SKKU team will modify our YANG data models
>
> to accommodate your ipsec data model.
>
>
>
> If you have any questions, please let me know.
>
>
>
> Thank you.
>
>
>
> Best Regards,
>
> Paul
>
>
>
> On Wed, Apr 17, 2019 at 11:54 PM Linda Dunbar <linda.dunbar@huawei.com>
> wrote:
>
> Hello Working Group,
>
>
>
> This email starts a four weeks Working Group Last Call on
> draft-ietf-i2nsf-sdn-ipsec-flow-protection-04.
>
> This poll runs until May 15, 2019.
>
>
>
> Authors: please update the draft per the comments and suggestions from
> YANG Doctors.
>
>
>
> We are also polling for knowledge of any undisclosed IPR that applies to
> this Document, to ensure that IPR has been disclosed in compliance with
> IETF IPR rules (see RFCs 3979, 4879, 3669 and 5378 for more details).
>
> If you are listed as an Author or a Contributor of this Document please
> respond to this email and indicate whether or not you are aware of any
> relevant undisclosed IPR. The Document won't progress without answers from
> all the Authors and Contributors.
>
>
>
> If you are not listed as an Author or a Contributor, then please
> explicitly respond only if you are aware of any IPR that has not yet been
> disclosed in conformance with IETF rules.
>
>
>
>
>
> Thank you.
>
>
>
> Yoav & Linda
>
> _______________________________________________
> I2nsf mailing list
> I2nsf@ietf.org
> https://www.ietf.org/mailman/listinfo/i2nsf
>
>
>
>
> --
>
> ===========================
> Mr. Jaehoon (Paul) Jeong, Ph.D.
> Associate Professor
> Department of Software
> Sungkyunkwan University
> Office: +82-31-299-4957
> Email: jaehoon.paul@gmail.com, pauljeong@skku.edu
> Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php
> <http://cpslab.skku.edu/people-jaehoon-jeong.php>
>


-- 
===========================
Mr. Jaehoon (Paul) Jeong, Ph.D.
Associate Professor
Department of Software
Sungkyunkwan University
Office: +82-31-299-4957
Email: jaehoon.paul@gmail.com, pauljeong@skku.edu
Personal Homepage: http://iotlab.skku.edu/people-jaehoon-jeong.php
<http://cpslab.skku.edu/people-jaehoon-jeong.php>