Re: [I2nsf] Robert Wilton's Discuss on draft-ietf-i2nsf-consumer-facing-interface-dm-28: (with DISCUSS and COMMENT)
"Rob Wilton (rwilton)" <rwilton@cisco.com> Mon, 17 April 2023 14:08 UTC
Return-Path: <rwilton@cisco.com>
X-Original-To: i2nsf@ietfa.amsl.com
Delivered-To: i2nsf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8436BC15171E; Mon, 17 Apr 2023 07:08:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.594
X-Spam-Level:
X-Spam-Status: No, score=-14.594 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b="Fc0aPa04"; dkim=pass (1024-bit key) header.d=cisco.com header.b="AGKC7OQJ"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UClmZPVjZTMK; Mon, 17 Apr 2023 07:07:57 -0700 (PDT)
Received: from rcdn-iport-5.cisco.com (rcdn-iport-5.cisco.com [173.37.86.76]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7FF6AC151B02; Mon, 17 Apr 2023 07:07:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=38390; q=dns/txt; s=iport; t=1681740477; x=1682950077; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=240LM72nJXigE142cvC74tfqgDA1npW+0RnGAeeAo3k=; b=Fc0aPa042OeeI9LqXCkwJjnQfGbYEDKYQQxnMahL6ya2TF3O2orrXqC3 GaZlOQnfreQ/KphM+MVd+KpfxZqTtmy6ri+zHOpUEOTNMGbDXn9KjWoT6 O5GgWEu2suRvuqoUWE1sTTqqVpITnGhukN4JvZ7IRaLj/YMMCaimcn0sO s=;
X-IPAS-Result: A0AaAADEUT1kmJNdJa1RCRwBAQEBAQEHAQESAQEEBAEBZYEWBwEBCwGBKjEqKHMCWSkSRoRSg0wDhE9fiDMDi0uSERSBEQNWDwEBAQ0BAS4BDAkEAQGFBgIWhSUCJTQJDgECAgIBAQEBAwIDAQEBAQEBAwEBBQEBAQIBBwQUAQEBAQEBAQEeGQUOECeFaA2GAwEBAQEDAQEQEQoTAQEsCwEPAgEIEQQBASEDBAMCAgIfBgsUCQgCBAENBQgaglwBghUTAzEDAQ+gVgGBPwKKIHqBMoEBgggBAQYEBYE3AQMCEEGaPw2CRwMGgUEBh0eBWAEBg2mEMCcbgUlEgRQBQ4FmgQI+giBCAQECAYEjBQEICgEjJAcJgyU5gi6MLoJOgmCIeoE0doEgDoE8gQQCCQIRa4EQCGqBeUACDWQLDm+BSWNMgXsEAhREDhcHNgNEHUADCzs6PzUGDiAFBFN2IyQFAwsVKkcECDgGGzQRAggPEg8GJkQMQjczEwZcASkLDhEDToFHBC9CgRkCBAEmJJxQgV4sPwYHRBkBAxQHBxkWAQEgOyAEBkg1AgQOCQ0RC5JhAQmDEkiKSkeNYpNNbwqDfotyjw4Ehh8Xg32MZpd9Ypd3II0zg26RJIURAgQCBAUCDgEBBoFjOi0+cHAVO4IzAQEBMVIZD44gDA0JFW8BB4JEhRSKKAE8dT0CBwEKAQEDCYZGhH8BAQ
IronPort-PHdr: A9a23:6Q0k1h3i/yPkDBnLsmDPZFBlVkEcU/3cJAUZ7N8gk71RN/3l9JX5N 0uZ7vJo3xfFXoTevupNkPGe87vhVmoJ/YubvTgcfYZNWR4IhYRenwEpDMOfT0yuBPXrdCc9W s9FUQwt5Gm1ZHBcA922fFjOuju35D8WFA/4MF9vOeXxBonUp8+2zOu1vZbUZlYAiD+0e7gnN Byttk2RrpwPnIJ4I6Atyx3E6ndJYLFQwmVlZBqfyh39/cy3upVk9kxt
IronPort-Data: A9a23:JrA/qKNboVOe+ZDvrR3Xl8FynXyQoLVcMsEvi/4bfWQNrUoi0zQAz GIWWWGEO6qCNGSmcogkYd+ypEoFvp/dyoJjSXM5pCpnJ55oRWUpJjg4wmPYZX76whjrFRo/h ykmQoCcaphyFBcwnz/1WlTbhSEUOZqgG/ytWYYoBggrHVU/EHt41ko68wIEqtcAbeaRUlvlV eza+6UzCHf9s9KjGjtJg04rgEoHUMXa4Fv0jHRnDRx4lAO2e00uMX4qDfrZw00U7WVjNrXSq +7rlNlV945ClvsnIovNfr3TKiXmTlNOVOSDoiI+ZkSsvvRNjhA48/keNvQuUGVK2iqZodx84 dxz5IPlHG/FPoWU8AgcewNTHyc7Nqpc9fqeeD60sNeYyAvNdH6EL/dGVR5te9ZHvLcsRzgSq pT0KxhVBvyHr/ipwbanTe9EjcU4J86tN4Qa0p1l5W2CUK93HMieK0nMzc1j1WgBpPFqIcfPX 9s4chZTckuceiQabz/7D7pnzLv32RETaQZwqQiTvqQf4mXPwkp2yreFGNvYYdOiRMhJkACfv G2uwojiKgsRONrawj2f/zf136nEnDjwX8QZE7jQGuNWbEO7+mYyVzgUW2mCg+TolV6AV992I nJF5X97xUQtz3CDQt74Vhy+hXeLuB8ARtZde9HWDinRlcI4BC7EXwA5oi59hM8O75BpGGR7v rOdt5a4Wmw16ez9pWe1r+/M9VuP1T4pwXjujBLooCMf6NXl5Yo0lB+KF48lG6+uhdqzEjb1q 9xrkMTcr+tP5SLo//zrlbwiv95KjsKYJuLSzl6ONl9JFisjOOaYi3WAsDA3F8poIoeDVUWmt 3MZgcWY5+1mJcjTxHXTHrRdRuH5uKzt3NjgbbhHQsJJG9OFpiHLQGysyGoWyLpBa5xdIma5P Cc/RysAvc470ISWgV9fOtLtVJtCIVnIHtX+XfecdctVfpV0b2e6ENJGOyatM5TWuBF0y8kXY M7DGe71VCpyIfo8llKeGbxCuYLHMwhjnws/s7ihkUT+uVdfDVbIIYo43KymNLhhtvzf+FWLq r6y9aKikn1ibQE3WQGOmaY7JlERJn99Dpfzw/G7vMbZSua6MAnN08Ps/I4=
IronPort-HdrOrdr: A9a23:LdEl2KzKDCwJljSt5jU0KrPxmuskLtp133Aq2lEZdPULSL36qy n+ppQmPEHP6Qr5AEtQ6OxoWJPufZvdnaQFmLX5To3SLDUO2VHYY72KiLGSoQEIdBeOi9K1uZ 0QFJSWTeeAc2SS7vyKrjVQcexQvOVvmZrA7Yy1ohsdKHAPV0gj1XYHNu/xKDwPeOAyP+tCKH Pq3Ls9m9PPQwVwUi28PBc4dtmGg+eOuIPtYBYACRJiwhKJlymU5LnzFAXd9gsCUhtUqI1SsV Ttokjc3OGOovu7whjT2yv49JJNgubszdNFGYilltUVEDPxkQylDb4RGIFq/QpF4t1H2mxa1O UkkC1QePibLEmhOF1dlCGdnjUIFgxeskMKh2Xo2UcL6vaJNw7SQ/Ax976xNCGpqnbJeLpHof h2N6XzjesNMTrQ2Cv6/NTGTBdsiw69pmcji/caizhFXZIZc6I5l/1UwKp5KuZJIMvB0vFtLM B+SMXHoPpGe1KTaH7U+mFp3dy3R3w2WhOLWFILtMCZ2yVf2CkR9TpV+OUP2nMbsJ4tQZhN4O rJdqxuibFVV8cTKaZwHv0IT8e7AnHEBRjMLGWRK1L6E7xvAQOBl7fnpLEuoO26cp0By5U/3J zHTVNDrGY3P1njDMWftac7uywlgF/NKwgF5vsukKSR4IeMMYYDGRfzPGwTrw==
X-Talos-CUID: 9a23:7tpmLmHsHMM3HxCNqmJb/m9LP8IrQET/0SbPM3G0BE9gduyKHAo=
X-Talos-MUID: 9a23:9Le0PQWDoC7YYyvq/C3XjW5TFvZM35W/MFEsirk6pZbYLBUlbg==
X-IronPort-Anti-Spam-Filtered: true
Received: from rcdn-core-11.cisco.com ([173.37.93.147]) by rcdn-iport-5.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 17 Apr 2023 14:07:56 +0000
Received: from rcdn-opgw-1.cisco.com (rcdn-opgw-1.cisco.com [72.163.7.162]) by rcdn-core-11.cisco.com (8.15.2/8.15.2) with ESMTPS id 33HE7tQL022085 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 17 Apr 2023 14:07:55 GMT
Received: from mail-dm6nam10lp2105.outbound.protection.outlook.com (HELO NAM10-DM6-obe.outbound.protection.outlook.com) ([104.47.58.105]) by rcdn-opgw-1.cisco.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Apr 2023 14:07:55 +0000
Received: from mail-dm6nam10lp2105.outbound.protection.outlook.com (HELO NAM10-DM6-obe.outbound.protection.outlook.com) ([104.47.58.105]) by rcdn-opgw-1.cisco.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Apr 2023 14:07:55 +0000
Received: from mail-dm6nam10lp2105.outbound.protection.outlook.com (HELO NAM10-DM6-obe.outbound.protection.outlook.com) ([104.47.58.105]) by rcdn-opgw-1.cisco.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Apr 2023 14:07:55 +0000
Authentication-Results: rcdn-opgw-1.cisco.com; dkim=pass (signature verified) header.i=@cisco.com; spf=Pass smtp.mailfrom=rwilton@cisco.com; dmarc=pass (p=quarantine dis=none) d=cisco.com
X-IronPort-AV: E=Sophos;i="5.99,204,1677542400"; d="scan'";a="230522"
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Br/TeevYpDo2HMQ3zs5q+efU5oqwnwk/r7AKcZwt9J/s2pO0nJG2qG44cCEZl14bsOfM03NiblivjlHA5ub4C5K0qGBmxJT8QzqlCCfiBQigwNKL3ZWETq6aoIds76AbaZ3tYjM6ItXJ/U6P2G11dOddMteXKOD5oJUw6OSLkHgX+0oxqPIb8KLrCsL/DjxYWbAPRsVz6Sn/N3tvaa6q6SzGR0RRj4yABgDxY1RFFcEYKWi8cb2Nr46YVLDsJTN6fgrJAS8CkwcKdqxK6Eu88VlaDdT137dcpl9ccsqJe6/HxMRY5MgLgQvT3KrZsXM33TUMUs7IUCdh5rYs3yXxDA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=240LM72nJXigE142cvC74tfqgDA1npW+0RnGAeeAo3k=; b=QhZZzIf6nFzIu0nMf114NLzFqqgn0sasceD2zv5GKr3CZ7GBFKqI+jUWrDelMPNWlCfqL0dz0Y5k3MyklxbhoAQ4JrgjgOdtahfKhbE36CYZl7cHXDYU7R9Pi3Ytr5yXetiY7MWa66sf83Uo388txYZ47BQ4QC8cR1XJpVc3ih+p2bpC8xd0I7cMHdRTJNQLwwTbSsaEF2S09fzty6JRMhncJDw3Q2E1oRXYqVG/iKEGXQqcbxkaWBBozOqzYyBkLyV51LLhcHJMvIqtUeJwnwYYcp1ATHBe0U/4kn2JulP3wTVwazdgxjXVsqKg44YZmFqZKWaGktunP8oMmeVkBg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cisco.com; dmarc=pass action=none header.from=cisco.com; dkim=pass header.d=cisco.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=240LM72nJXigE142cvC74tfqgDA1npW+0RnGAeeAo3k=; b=AGKC7OQJrh+7fUDvpOdjYJiFij1NISaskskvP2k7c4/PTGD5BkdqJ+O8Bnwjg6+rvEUM++MriQJ0fLui/JTUOeVHfqxBuxgpnttAGXaakWmimEDc5242vmHf77Kj1gt7vzo00uCUgpsXxfRlSXZa6gut30Gkm0wEyhIiVA40kOc=
Received: from BY5PR11MB4196.namprd11.prod.outlook.com (2603:10b6:a03:1ce::13) by CY5PR11MB6283.namprd11.prod.outlook.com (2603:10b6:930:21::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6298.45; Mon, 17 Apr 2023 14:07:53 +0000
Received: from BY5PR11MB4196.namprd11.prod.outlook.com ([fe80::ef4:1432:b69e:19b2]) by BY5PR11MB4196.namprd11.prod.outlook.com ([fe80::ef4:1432:b69e:19b2%6]) with mapi id 15.20.6298.045; Mon, 17 Apr 2023 14:07:53 +0000
From: "Rob Wilton (rwilton)" <rwilton@cisco.com>
To: "Mr. Jaehoon Paul Jeong" <jaehoon.paul@gmail.com>, Erik Kline <ek.ietf@gmail.com>, Dirk Hugo <dirkvhugo@gmail.com>, Andrew Alston <andrew-ietf@liquid.tech>, Paul Wouters <paul.wouters@aiven.io>
CC: The IESG <iesg@ietf.org>, "i2nsf@ietf.org" <i2nsf@ietf.org>, skku-iotlab-members <skku-iotlab-members@googlegroups.com>, Patrick Lingga <patricklink888@gmail.com>
Thread-Topic: [I2nsf] Robert Wilton's Discuss on draft-ietf-i2nsf-consumer-facing-interface-dm-28: (with DISCUSS and COMMENT)
Thread-Index: AQHZbgDwl5Hsox2TYUWiDZ0oG9vmLa8r8F0AgAOdHJA=
Date: Mon, 17 Apr 2023 14:07:53 +0000
Message-ID: <BY5PR11MB4196AA3106A5A6B4DB2151B8B59C9@BY5PR11MB4196.namprd11.prod.outlook.com>
References: <168138781150.47856.5757621655716682658@ietfa.amsl.com> <CAPK2DeyVg0GHtGKZnJ2SUAJ=f3+PFO-ga6Sh87SV--DNPRzL_w@mail.gmail.com>
In-Reply-To: <CAPK2DeyVg0GHtGKZnJ2SUAJ=f3+PFO-ga6Sh87SV--DNPRzL_w@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: BY5PR11MB4196:EE_|CY5PR11MB6283:EE_
x-ms-office365-filtering-correlation-id: 2ce1c41a-be81-4f59-4df6-08db3f4d22d0
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 3aEkZjpZcKQTPNdcz8eURHSiycHNGEH2beUVzdo4WhVUMBMNeiIjViK6FAJBNU3BtkUVaRO48XifAPFmHVOTbrIMHPGcNkQ/LziuxM5j/cI7OAcpSFRYHXoztx/2hTmp4n7VyjR+MJMQ1B67f29tuGAW4rAdly/mmUaofOKg2CFSoUKAdpspPSZFYbugGoOld7ghrnNRt6BnU8PRg1HEkofThUugUvVSKLR4AZ2ulJhITUECK/KRoKC2cyPcJHlN0P9UFkp8uO1Mkb2wgdP3o/eQC/5YN5JlVAAPYe/wEMrGrpTKrbL6nbghD+Qt867rFN4QvBHUNwekRhmfDnBJzFic7/0jMGyMADkmQ2XbAM7VbX7wAgblU8Ea3fPhSHh8yVYdu4Nejcwi8gR0YJSJjhDZa2oTbqY+EpQBW+V3zRH544OoQk+Wzggl2WXBCKyUB0kWGawIfKI2MwGuDF5ExRlItCWiAdsLC6noTrrryiE7ey3AJwRcz+Pb3VjroHPjL9AcxW1YaD2zyevDiQ4tGvszCWkO2ra4ek7BJE3L/SKVEO98nVr/uI+SRtwpCILjUDXDsqeLmay9PwTCPKzlu6kDpSHe2N8pql1VOdZorqiXT3AIVtORj+DAYRDoyIpKfYF9Lu0nWX05TK23KrjMHA==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BY5PR11MB4196.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230028)(346002)(136003)(39860400002)(396003)(366004)(376002)(451199021)(38100700002)(8676002)(9326002)(8936002)(122000001)(38070700005)(52536014)(5660300002)(166002)(2906002)(33656002)(86362001)(55016003)(478600001)(7696005)(71200400001)(54906003)(110136005)(186003)(966005)(26005)(6506007)(9686003)(53546011)(76116006)(66946007)(66476007)(66446008)(83380400001)(316002)(41300700001)(4326008)(64756008)(66556008); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 5QtF1wE/Bq9/RZcvhxTiU7MqKBB2NVbxnA/QYzm1fF4HKBrJeZ1nhXaCNzgAxhA+M90W/iDsF7n5E9oCw2RiV9oiBrmwlLUL+PP5T2/nXphB7w7/1smnOd8fcBewOqCSbqShA2C5UhcPb1GDvuuBM+/05HE9cMvof6a0Gw+XbL58oGYW2hAOnTEQf+SqJbGQMHvqpuy/VJ47k84ARz6iXwN2HyAT1Rx5KVN4hXxXKTDU8qxTDZrMjNPksO/XLBSnyxsJW6HQfle8qtvF5gy8SG3+/fi8JoGUAf45NPYiWr8EtmwNiRF1YWigz72u8yZ8s6TueZHU+vakNuFuAVTuNZnva3jqzFKsmBybIp7dzwARtTn2jGvLNAkEh9csoCDYicFvybeQA+maqtddSAseHQLJw7IByS805RgIdZWIYrnsoT2rFuJN4clQgzualjc0UaSCLEh3yg9Duibs14lXdnFlVhS2GTA2O51/FhAkK1CoefVuvHjKOQWjn8beHjLCXwoB2dvuXKWgjBPL/1Zj2l1RsJBq7rmr96iMFkDC7Cy0HIW5uXpCbbDoQzhuZ4BHL+10l0vvkZ8bzVes5WYXhzsB2as52txdhKA8+zAoJOjyTJBGqaz7lYSJy/9ITvdZ3+pBpiM5BbGCmUTfyKVpFnA1oS4C9Gqx+oJxhmpuk3SUjm06J7quKxzEcSwa1Ix4w2HxP8vZILOrRP3e3gDBrJisyqrHY4oYtjGWxKiYmLTUYCgvlO97HNRKe05dHjmy0IkJeKlbhDMJ/vbyPInM6fUgDvfJyOg0BRuJQo7wx/awoOr0KzqmJLwRe+1cXDauprF3yAyzMfUCIhm4UXKNeVtJcQVDAXqAsV0FnxGP2qfizQI1dnCXIoz2Qv01xnzgxkruhR9eBIOd0wDZyB9xW9oPpaMNhjVgRxWTE5WsDG+XdEEg36IktNTP5AJQ7UYKChNuP2H8EB8RseTeyhjFtytvObKEBCkQkEfyZ+OU+wzpqoKBPWVzDGuAltnfAcjR1VD5Miedtxsz385XqnC5B94AsQ7PaYk1bM1Si0TplzIg6018elACyQ0thfq6GB6oYkDGDAbQkYI98hNJs3NvzuV04715snPymsjR9KwgALU+GMypo8RqKYtH4CtbnpOmvOWfIVwXy1NSw/oyetXWyyIE7L5Nwola1PX5l7dn7BF6V4J5zRFG0N8Q/JO4mH8Uf7HY23iTxZZU1WP0CnOyTngTqS5IrqMBr9Ep9DRXr4/V8sYDiiesVq3j7B+NMzEEUaorO05XduWlMlQtYMaEVx2Jo2hBZPxHopWU1YUBr4ZWJ5DwBYuMqWrnzHgN5SjVvkfVCD9u8wDwvYEnPaxmob+9xV0HHo4E/w6n/5PWlzi34m7QIVSE6o6z7IPtZiJYGtjweOur1RbJjEtfKKyihYnQzOuzeqai43tjCXUWrQxB9xo43Hk2WMY7U8LZThE0zW2x1HwbUflanEMTGptB41iPoexhs5MLGHkjZrIK8GC636g6XjnITsVzm/6Zi2K42mcf2BpJtqEZSR/R788fRma2eTWpYS3m2fFLoBGHD10=
Content-Type: multipart/alternative; boundary="_000_BY5PR11MB4196AA3106A5A6B4DB2151B8B59C9BY5PR11MB4196namp_"
MIME-Version: 1.0
X-OriginatorOrg: cisco.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BY5PR11MB4196.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 2ce1c41a-be81-4f59-4df6-08db3f4d22d0
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Apr 2023 14:07:53.1944 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: UrQtQG33SDoaWR8/o0cpDekOIivX4y/Ri5T3b1Pz1T5OnBiMN4OWKYoKrxJgReb3yuqZbWhNOGcD9XLuVr+fYg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY5PR11MB6283
X-Outbound-SMTP-Client: 72.163.7.162, rcdn-opgw-1.cisco.com
X-Outbound-Node: rcdn-core-11.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2nsf/wentMp_znQwuXfOGukqxl2mY4ZQ>
Subject: Re: [I2nsf] Robert Wilton's Discuss on draft-ietf-i2nsf-consumer-facing-interface-dm-28: (with DISCUSS and COMMENT)
X-BeenThere: i2nsf@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "*I2NSF: Interface to Network Security Functions mailing list*" <i2nsf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2nsf/>
List-Post: <mailto:i2nsf@ietf.org>
List-Help: <mailto:i2nsf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Apr 2023 14:08:01 -0000
Hi Paul, I’ll clear my discuss. One further comment: Did you consider using an "order-by-user" list to define the priority instead? I.e., process the rules in the order that they are specified in the list. => [PAUL] Yes, it is possible to use “order-by-user”. As far as I know, most implementation does not actually define the order to match the rule for similar priority values, since the priority values are supposed to be the ones that define the order. The implementation itself can be chosen based on the order of the user’s specified list or based on the alphabetical order of the rule’s key (i.e., rule name). According to your comment, we updated the description text to be clearer as follows: I meant marking the containing list “rule” as “ordered-by user” rather than having a priority leaf that defines a partial order. I don’t think that it would be helpful to have an “ordered-by user” list alongside a priority leaf. I think that it should be one or the other. Regards, Rob From: Mr. Jaehoon Paul Jeong <jaehoon.paul@gmail.com> Sent: 15 April 2023 07:48 To: Rob Wilton (rwilton) <rwilton@cisco.com>; Erik Kline <ek.ietf@gmail.com>; Dirk Hugo <dirkvhugo@gmail.com>; Andrew Alston <andrew-ietf@liquid.tech>; Paul Wouters <paul.wouters@aiven.io> Cc: The IESG <iesg@ietf.org>; i2nsf@ietf.org; skku-iotlab-members <skku-iotlab-members@googlegroups.com>; Patrick Lingga <patricklink888@gmail.com>; Mr. Jaehoon Paul Jeong <jaehoon.paul@gmail.com> Subject: Re: [I2nsf] Robert Wilton's Discuss on draft-ietf-i2nsf-consumer-facing-interface-dm-28: (with DISCUSS and COMMENT) Dear Robert Wilton, Erik Kline, Dirk Von Hugo, Andrew Alston, and Paul Wouters, Here is the revised draft to address all your comments: https://datatracker.ietf.org/doc/html/draft-ietf-i2nsf-consumer-facing-interface-dm-29 I attach the revision letter. Thanks for your valuable comments. Best Regards, Paul On Thu, Apr 13, 2023 at 9:10 PM Robert Wilton via Datatracker <noreply@ietf.org<mailto:noreply@ietf.org>> wrote: Robert Wilton has entered the following ballot position for draft-ietf-i2nsf-consumer-facing-interface-dm-28: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ for more information about how to handle DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-i2nsf-consumer-facing-interface-dm/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- Hi, Thanks for this document. There is one issue that I think are worthy of discussion: (1) p 7, sec 3.2. Condition Sub-model Case (firewall): This field represents the layer-2 header (e.g., MAC addresses), layer-3 header (e.g., IPv4 or IPv6 addresses, ICMPv4 or ICMPv6 parameters, and transport layer protocol) and layer-4 header (e.g., port numbers) of the network traffic. Note that the YANG module only provides high- level ICMP messages that are concretely specified by either ICMPv4 or ICMPv6 messages (e.g., Destination Unreachable: Port Unreachable which is ICMPv4's type 3 and code 3 or ICMPv6's type 1 and code 4). Also note that QUIC protocol [RFC9000] is excluded in the data model as it is not considered in the initial I2NSF documents [RFC8329]. The QUIC traffic should not be treated as UDP traffic. The data model should be extended or augmented appropriately to support the handling of QUIC traffic according to the needs of the implementer. (2) p 8, sec 3.2. Condition Sub-model Note that due to the exclusion of QUIC protocol in the I2NSF documents, HTTP/3 is also excluded in the document along with the QUIC protocol. HTTP/3 should neither be interpreted as HTTP/1.1 nor HTTP/2. The data model should be extended or augmented appropriately to support the handling of HTTP/3 traffic according to the needs of the implementer. Is there a concrete plan for adding support for QUIC and HTTP/3, given that it stated that these cannot be handled as UDP or HTTP/1.1 or HTTP/2? ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- (3) p 38, sec 6.1. YANG Module of Consumer-Facing Interface leaf-list system-alarm { type identityref { base i2nsfmi:system-alarm; } description "The security policy rule according to system alarms."; } } container condition { description "Conditions for general security policies."; Please include documentation here for the condition container as to how the different fields are combined (i.e., that all configured conditions must match for a rule to trigger). (4) p 4, sec 3. YANG Tree Diagram of Policy Resolution-strategy: This field represents how to resolve conflicts that occur between actions of the same or different policy rules that are matched and contained in this particular NSF. The resolution strategy is described in Section 3.2 of [I-D.ietf-i2nsf-capability-data-model] in detail. Given you document the default for language above, would it name sense to document the default matching rule here as well? (5) p 7, sec 3.2. Condition Sub-model The Condition object describes the network traffic pattern or fields that must be matched against the observed network traffic for the rule to trigger. The fields used to express the required conditions to trigger the rule are organized around the class of NSFs expected to be able to observe or compute them. Figure 5 shows the YANG tree of the Condition object. The Condition Sub-model SHALL have the following information: I find the use of "Case" confusing in the descriptions below. I mistakenly thought that you were referring to the YANG case statements under choice, and hence only one of these conditions can be expressed for a given rule. (6) p 20, sec 6.1. YANG Module of Consumer-Facing Interface identity fmr { Using longer identity names for the resolution-strategies may make the module more readable. E.g. 'first-matching-rule' might be clearer than fmr. If you change this, then I would suggest changing it for the other resolution-strategies as well (and the any default values). (7) p 37, sec 6.1. YANG Module of Consumer-Facing Interface leaf priority { type uint8; description "The priority of the rule to indicate the order of the rules to be matched. A higher value means a higher priority. The packet or flow will be matched with the rule with the highest priority value first and continues to a lower priority value. Once a rule matches the packet or flow, the NSF should execute the rule and terminate the matching process. If multiple rules have an equal priority, the actual order is undefined. The handling of the selection of those rules depends on the implementer, e.g., non-rule selection, first rule selection or random rule selection."; } Did you consider using an "order-by-user" list to define the priority instead? I.e., process the rules in the order that they are specified in the list. (8) p 39, sec 6.1. YANG Module of Consumer-Facing Interface error-message "An end port number MUST be equal to or greater than a start port number."; I would suggest changing this to 'must', or otherwise you need to add the standard RFC 2119 boilerplate to the YANG module (pyang can help with this). (9) p 43, sec 6.1. YANG Module of Consumer-Facing Interface description "This represents the repetition time. In the case where the frequency is weekly, the days can be set."; This comment is slightly misleading. I would suggest deleting, or perhaps rewording "In the case where the frequency is weekly, the days can be set.";" (10) p 43, sec 6.1. YANG Module of Consumer-Facing Interface leaf-list date { 'date' is a somewhat confusing name for this. Would 'day-of-month' be better? (11) p 44, sec 6.1. YANG Module of Consumer-Facing Interface leaf-list month { 'month' is a confusing name for this. Would 'month-and-day' be better? (12) p 44, sec 6.1. YANG Module of Consumer-Facing Interface description "This represents the repeated date and month of every year. More than one can be specified. A pattern used here is Month and Date (MM-DD)."; So, if you wanted the policy to apply for a particular 3 weeks per year, then I presume that it would be necessary to list each of those day separately? Did you consider allowing ranges here, or what that be too much complexity? Regards, Rob _______________________________________________ I2nsf mailing list I2nsf@ietf.org<mailto:I2nsf@ietf.org> https://www.ietf.org/mailman/listinfo/i2nsf
- [I2nsf] Robert Wilton's Discuss on draft-ietf-i2n… Robert Wilton via Datatracker
- Re: [I2nsf] Robert Wilton's Discuss on draft-ietf… Mr. Jaehoon Paul Jeong
- Re: [I2nsf] Robert Wilton's Discuss on draft-ietf… Rob Wilton (rwilton)
- Re: [I2nsf] Robert Wilton's Discuss on draft-ietf… Mr. Jaehoon Paul Jeong